If wireless remote access is approved for use, the site's SSP must include wireless remote access equipment and locations (site network Wi-Fi, home, hotel, public hotspots, etc.) approved for site personnel.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-25036	WIR-WRA-003	SV-30838r3_rule	ECWN-1	Low

Description
Wireless client, networks, and data could be compromised if unapproved wireless remote access is used. In most cases, unapproved devices are not managed and configured as required by the appropriate STIG and the site’s overall network security controls are not configured to provide adequate security for unapproved devices. When listed in the SSP, the site has shown that security controls have been designed to account for the wireless devices.

Description

Wireless client, networks, and data could be compromised if unapproved wireless remote access is used. In most cases, unapproved devices are not managed and configured as required by the appropriate STIG and the site’s overall network security controls are not configured to provide adequate security for unapproved devices. When listed in the SSP, the site has shown that security controls have been designed to account for the wireless devices.

STIG	Date
Smartphone Policy Security Technical Implementation Guide	2012-02-02

Details

Check Text ( C-31260r2_chk )
Review the site's SSP and verify it includes a listing of approved wireless remote access equipment and locations (home, hotel, etc.). Mark as a finding if the site SSP does not reference approved wireless remote access equipment and locations.

Fix Text (F-27726r1_fix)
Update SSP with wireless remote access information.