UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

For end points using Windows operating systems, removable storage devices will be restricted by a specific device or by a unique identifier (e.g., serial number) to specific users and machines.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22177 STO-FLSH-050 SV-25815r2_rule ECSC-1 Medium
Description
Because of the innate security risks involved with using removable storage devices (flash drives, thumb drives, disk drives, etc.), users must follow required access procedures. Restricting specific devices to each user allows for non-repudiation and audit tracking.
STIG Date
Removable Storage and External Connections Security Technical Implementation Guide 2017-03-02

Details

Check Text ( C-27334r2_chk )
Further policy details:

HBSS DCM configuration guidance is located at www.dodpatchrepository.mil.

Check procedures:

1. View the configuration of the DCM module.

2. Verify DCM is configured to allow or deny approved removable storage devices based on specific device parameters (i.e., serial number and device instance ID), device driver type (e.g., external USB storage device), and/or a specific host end point or user.

If HBSS DCM is not configured to allow or deny approved removable storage devices based on specific device parameters (i.e., serial number and device instance ID), device driver type (e.g., external USB storage device), and/or a specific host end point or user, this is a finding.
Fix Text (F-23395r2_fix)
For end points using Windows operating systems, removable storage devices will be restricted by a specific device or by a unique identifier (e.g., serial number) to specific users and machines.