Organizations that do not have a properly configured HBSS with DCM configuration will not use removable storage devices.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-23950 | STO-FLSH-060 | SV-28906r2_rule | ECSC-1 | Medium |
| Description |
|---|
| Because of the innate security risks involved with using removable storage devices (flash drives, thumb drives, disk drives, etc.), an access control and authorization method is needed. DCM software provides granular end point access control and management of removable media. Currently, DCM only supports the Windows operating system. |
| STIG | Date |
|---|---|
| Removable Storage and External Connections Security Technical Implementation Guide | 2017-09-25 |
Details
| Check Text ( C-29531r2_chk ) |
|---|
| Further policy details: 1. This requirement applies to all removable storage devices, including memory cards and USB devices. 2. DCM will be configured to monitor all removable storage devices, including camera memory, if it is used for non-publicly releasable information storage or to connect to clients attached to DoD networks. Check procedure: Inspect the end points and ensure the following. 1. Verify that if removable storage devices are used, then HBSS/DCM is used to track usage. 2. Inspect to see if removable storage devices are used for non-publicly releasable data or are directly or indirectly attached to the NIPRNet or the SIPRNet. 3. If either of these are true, then verify use of HBSS/DCM to monitor their usage. If the organization is using removable storage devices without having HBSS with DCM installed and properly configured, this is a finding. |
| Fix Text (F-26611r2_fix) |
|---|
| Organizations that do not have a properly configured HBSS with DCM configuration will not use removable storage devices. |