For end points using Windows operating systems, removable storage devices will be restricted by a specific device or by a unique identifier (e.g., serial number) to specific users and machines.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-22177 | STO-FLSH-050 | SV-25815r2_rule | ECSC-1 | Medium |
| Description |
|---|
| Because of the innate security risks involved with using removable storage devices (flash drives, thumb drives, disk drives, etc.), users must follow required access procedures. Restricting specific devices to each user allows for non-repudiation and audit tracking. |
| STIG | Date |
|---|---|
| Removable Storage and External Connections Security Technical Implementation Guide | 2016-12-16 |
Details
| Check Text ( C-27334r2_chk ) |
|---|
| Further policy details: HBSS DCM configuration guidance is located at www.dodpatchrepository.mil. Check procedures: 1. View the configuration of the DCM module. 2. Verify DCM is configured to allow or deny approved removable storage devices based on specific device parameters (i.e., serial number and device instance ID), device driver type (e.g., external USB storage device), and/or a specific host end point or user. If HBSS DCM is not configured to allow or deny approved removable storage devices based on specific device parameters (i.e., serial number and device instance ID), device driver type (e.g., external USB storage device), and/or a specific host end point or user, this is a finding. |
| Fix Text (F-23395r2_fix) |
|---|
| For end points using Windows operating systems, removable storage devices will be restricted by a specific device or by a unique identifier (e.g., serial number) to specific users and machines. |