UCF STIG Viewer Logo

RFID Scanner Security Technical Implementation Guide (STIG)


Overview

Date Finding Count (4)
2014-03-18 CAT I (High): 0 CAT II (Med): 2 CAT III (Low): 2
STIG Description
This STIG contains the technical security controls for the operation of a RFID Scanner in the DoD environment.

Available Profiles



Findings (MAC III - Administrative Classified)

Finding ID Severity Title
V-18856 Medium Removable memory cards (e.g., MicroSD) must use a FIPS 140-2 validated encryption module to bind the card to a particular device such that the data on the card is not readable on any other device.
V-18625 Medium PDA and Smartphones that are connected to DoD Windows computers via a USB connection must be compliant with requirements.
V-14034 Low If a wireless connection (e.g. WLAN, Bluetooth) is used between the RFID scanner and RFID workstation, security requirements must be followed.
V-18620 Low Sensitive or Personally Identifiable Information (PII) must not be transferred between an RFID tag and RFID scanner unless the information is encrypted using a FIPS 140-2 validated encryption module.