UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Users must receive training on required topics before they are authorized to access a DoD network via a wireless remote access device.


Overview

Finding ID Version Rule ID IA Controls Severity
V-25034 WIR-WRA-001 SV-30836r3_rule PRTN-1 Low
Description
Improper use of wireless remote access to a DoD network can compromise both the wireless client and the network and expose DoD data to unauthorized people. Without required training, users may use the smartphones improperly and in an insecure manner.
STIG Date
Smartphone Policy Security Technical Implementation Guide 2011-06-20

Details

Check Text ( C-31258r2_chk )
Detailed Policy Requirements:
The IAO and the site wireless device administrator have not ensured that all wireless remote access users receive training on the following topics before they are authorized to access a DoD network via a wireless remote access device:

- Maintaining physical control of the device
- Reducing exposure of sensitive data
- Backing up data frequently
- User authentication, anti-virus, personal firewall, and content encryption requirements
- Enabling wireless interfaces only when needed
- Enable VPN connection to the DoD network immediately after establishing a wireless connection
- All Internet browsing will be done via the VPN connection to the DoD network
- No split tunneling of VPN
- Locations where wireless remote access is authorized or not authorized (e.g., home, airport, hotel, etc.)
- Configuration requirements of wireless client
- Use of WPA2 Personal (AES) on home WLAN
- Home WLAN password and SSID requirements - Discontinue the use of devices suspected of being tampered with and notify the site IAO.

For iOS devices, add:
-User should select “Forget this Network” while still in physical range. (This prevents the iPhone from automatically joining networks later that may share the same SSID. The user will not be able to “forget” individual networks when out of range and will have to reset all network settings.)


Check Procedures:
Review site wireless device and/or IA awareness training material to verify it contains the required content.

Note: Some training content may be listed in the User Agreement signed by the user.

Verify that site training records show that authorized wireless remote access users received required training and training occurred before the users were issued a device. Check training records for approximately five users, picked at random. Mark as a finding if training material contains the required content and wireless remote access users received required training.
Fix Text (F-27724r1_fix)
Complete required training