Install and configure Host-Based Security System (HBSS) with Device Control Module (DCM) on all Windows host computers that will use USB flash media (thumb drives).
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-22176 | STO-FLSH-040 | SV-25814r1_rule | ECSC-1 | Medium |
| Description |
|---|
| Because of the innate security risks involved with using a USB flash media, an access control and authorization method is needed. DCM software provides granular end point access control and management of removable media. Currently, DCM only supports the Windows operating system (OS). |
| STIG | Date |
|---|---|
| Removable Storage and External Connection Technologies STIG | 2011-01-18 |
Details
| Check Text ( C-27333r1_chk ) |
|---|
| Further policy details: This check applies only to end points using Windows OS that use flash media devices. Check Procedure: Inspect the end points. Ensure the following: 1. HBSS is installed and configured in compliance with the HBSS STIG. The site may provide the results of an SRR review or self-inspection. 2. Verify DCM is installed and configured to allow only authorized flash media devices by using a device identifier or serial number. 3. Verify DCM is configured in accordance with the CTO 10-004(A or updated version). 4. If the HBSS/DCM solution is not used, an alternate solution which performs the required security functions is required, and this alternative must be approved by USCYBERCOM. |
| Fix Text (F-23394r1_fix) |
|---|
| Install and configure Host-Based Security System (HBSS) with Device Control Module (DCM) on all Windows host computers that will use USB flash media (thumb drives). |