Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-22112 | STO-DRV-030 | SV-25617r1_rule | Medium |
Description |
---|
Removable media often arrives from the vendor with many files already stored on the drive. These files may contain malware or spyware which present a risk to DoD resources. |
STIG | Date |
---|---|
Removable Storage and External Connections Security Technical Implementation Guide | 2016-12-16 |
Check Text ( C-27097r1_chk ) |
---|
Further policy details: NSA-approved tools must be used for scanning and wiping all external storage drives and media prior to first time use. A list of NSA-approved tools, approved specifically for scanning and wiping flash media is available at https://www.cybercom.mil/default.aspx. These are the only approved tools for flash media. Check procedure: 1. Interview the site representative. 2. Ask if devices are wiped using approved software and procedures prior to using the drive to store or transfer DoD files. 3. Mark as a finding if this is a Windows system and USCYBERCOM-approved tools are not used for scanning and wiping flash media prior to fist time use. 4. Mark as a finding for all devices where the disk is not wiped before first-time use. |
Fix Text (F-23199r1_fix) |
---|
For all USB flash media (thumb drives) and external hard disk drives, use an approved method to wipe the device before using for the first-time. |