Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-23920 | STO-FLSH-070 | SV-28876r1_rule | ECSC-1 | Medium |
Description |
---|
These NSA-approved tools are built upon the Assured File Transfer guard, which is an approved Unified Cross Domain Management Office (UCDMO) file transfer Cross Domain Solution. Use of these tools with the procedures listed in the Check section is the only authorized method for using flash media for higher risk data transfers. |
STIG | Date |
---|---|
Removable Storage and External Connection Technologies STIG | 2011-01-18 |
Check Text ( C-29525r1_chk ) |
---|
Further policy details: This requirement applies to flash media. Higher risk categories are defined as: 1. Data transfers to or from non-DoD systems 2. Special cases when data must traverse different classification domains Higher risk data transfer procedures for USB thumb drives: 1. Insert/Unlock USB thumb drive. 2. Load file from the source network. 3. Scan flash media device with NSA‘s FiST. 4. Set USB thumb drive to read only mode, if possible. 5. Scan file using scanning software on the destination network. 6. Load file to destination network. 7. Use ME to wipe device when data is no longer needed. Higher risk data transfer procedures for memory cards: 1. Insert card into card reader. 2. Insert card reader (if separate) into NSA's FiST. 3. Scan disk drive created by memory card using FiST. 4. Scan disk drive created by the memory card using scanning software on the destination network. 5. Load file to destination network. 7. Use ME to wipe device when data is no longer needed. Check procedures: 1. Interview the site representative. 2. Ask if higher risk data transfers, as outlined above, are performed. If so, ask how this transfer is done and verify compliance with above procedure. |
Fix Text (F-26594r1_fix) |
---|
For higher risk data transfers using thumb drives, the File Sanitization Tool (FiST) with Magik Eraser (ME) will be used. |