| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-31529 | IS-02.01.14 | SV-41811r2_rule | PECF-2 PEPF-1 PEPF-2 PESS-1 | High |
**Description**

Failure to properly monitor and control collateral classified open storage area access doors during working hours (while the FF-L-2740 combination lock is not secured) could result in an undetected perimeter breach and limited or no capability to immediately notify response forces. Ultimately this could result in the undetected loss or compromise of classified material. Entrances to secure rooms or areas (and/or vaults that are opened for access) must be under visual control at all times during duty hours to prevent entry by unauthorized personnel. This may be accomplished by several methods (e.g., employee work station, guard, continuously monitored CCTV). An automated entry control system (AECS) may be used to control admittance during working hours instead of visual control, if it meets certain criteria.
| STIG | Date |
|---|---|
| Traditional Security | 2013-07-11 |
**Check Text (C-40263r26_chk)**

Background Information and Requirements Summary:

1. The FF-L-2740 combination lock securing the primary access door for vaults and secure rooms (AKA: collateral classified open storage areas) may be opened at the beginning of normal duty hours and left unlocked for frequent employee access only if the entrance is properly monitored and controlled. The combination lock will be secured at the end of normal duty hours and interior motion alarms (if used) activated.
2. Entrances to vaults, secure rooms or collateral classified open storage areas must be under visual control at all times during duty hours to prevent entry by unauthorized personnel.
3. An automated access control system (ACS) may be used to monitor and control admittance during working hours instead of visual control, if it consists of a swipe or proximity coded card and reader, supplemented by the use of a Personal Identification Number (PIN) or by use of biometric readers (fingerprints, retina scanner, etc.).
4. Visual monitoring or control of secure room access points may be accomplished by several methods (e.g., employee work station, guard, "continuously monitored" CCTV). Employee monitoring may be conducted by cleared employees within the secure room space who can observe all entrances; employees located just outside the secure room, adjacent to an entrance, may also "actively" monitor access. If CCTV is used to monitor, the CCTV cameras must cover all potential entrances and send real time images back to a continuously manned monitoring station.
5. Regardless of the (visual) method used to monitor daytime access, a locking system for access control must still be used on the entrance to the secure area. The use of automated access systems (i.e., ACS coded ID cards or badges) is encouraged. Supplementing the coded (swipe or proximity) cards or badges with a PIN or biometrics is not required if the entrances are properly monitored by visual means.
6. Access to secure areas may also be controlled by electric, mechanical or electro-mechanical access control devices to limit access during duty hours, but only if the entrance is under visual control.
7. IMPORTANT NOTE: Electrically actuated locks (e.g., cypher, proximity card and magnetic strip card locks) do not afford by themselves the required degree of protection for classified information and must not be used as a substitute for the combination locks meeting Federal Specification FF-L-2740.

CHECKS: If use of visual control methods is observed as the primary means to control access during duty hours, use the following three checks to evaluate:

Check #1. Check to ensure that all possible primary or secondary entrances to vaults or secure rooms are continuously monitored by cleared employees or guards (inside or outside the room or area) or by CCTV, whenever the FF-L-2740 combination lock is disengaged for daytime or other routine access. (CAT I)

Check #2. Check to ensure that if CCTV is used it sends real time images to a continuously manned monitoring station. (CAT I)

Check #3. Check to ensure that access to a continuously (visually) monitored vault, secure room or collateral classified open storage area is controlled by an Access Control System (ACS) using coded cards or badges (biometrics or PIN are not required) or by electric, mechanical or electro-mechanical access control devices to limit access during duty hours. (CAT I)

If an Automated Access Control System (ACS) is used to control access (without use of any authorized visual control methods), use the following six checks to evaluate:

Requirements Summary: An automated access control system (ACS) may be used to monitor and control admittance during working hours instead of visual control, if it meets certain criteria as detailed in the following review checks:

CHECKS:

Check #1. Check to ensure the automated ACS identifies individuals and authenticates the person's authority to enter the area through the use of a coded identification (ID) badge or card. (CAT I)

Check #2. Check to ensure that, in addition to the swipe or proximity card or badge, a personal identification number (PIN) is used. This is required WHEN VISUAL (MONITORING) CONTROLS of the entrance ARE NOT USED during working hours. (CAT I)

Check #3. Check that the PINs are separately entered into the system by each individual using a keypad device and consist of four or more digits, randomly selected, with no known or logical association with the individuals. (CAT I)

Check #4. Check to ensure there is a procedure to cover changing PINs when it is believed they have been compromised or subjected to compromise. (CAT III - if this is the only finding)

Check #5. NOTE: Biometric devices, which identify an individual requesting access by some unique personal characteristic, such as fingerprinting, hand geometry, handwriting, retina scans, or voice recognition, may be used in conjunction with an ID badge or card in lieu of a PIN.

Check #6. VERY IMPORTANT: Check to ensure that electric, mechanical or electro-mechanical access control devices such as cipher locks ARE NOT USED to control access to secure rooms or areas that are not under continuous visual control during working hours. Generally these locks do not provide the means for individual access codes and do not report to a central server or system monitor. Therefore they are permissible ONLY for access control to secure rooms and spaces when the entrance is under continuous visual control. (CAT I)

TACTICAL ENVIRONMENT: These requirements/checks are applicable where vaults/secure rooms are used to protect classified materials or systems in a tactical environment. The only exception will be for urgent (short term) tactical operations or other contingency situations where fixed facilities and equipment are not yet present or incapable of being used.
**Fix Text (F-35421r9_fix)**

If use of visual control methods is the primary means to control access during duty hours, use the following three fixes to comply with requirements:

1. All possible primary or secondary entrances to vaults or secure rooms must be continuously monitored by cleared employees or guards (inside or outside the room or area) or by CCTV, whenever the FF-L-2740 combination lock is disengaged for daytime or other routine access.
2. If CCTV is used it must send real time images to a continuously manned monitoring station.
3. Access to a continuously (visually) monitored vault, secure room or collateral classified open storage area must be controlled by an Access Control System (ACS) using coded cards or badges (biometrics or PIN are not required) or by electric, mechanical or electro-mechanical access control devices to limit access during duty hours.

If an Automated Access Control System (ACS) is used to control access (without use of any authorized visual control methods), use the following six fixes to comply with requirements:

1. The automated ACS must identify individuals and authenticate the person's authority to enter the area through the use of a coded identification (ID) badge or card.
2. In addition to the swipe or proximity card or badge, a personal identification number (PIN) must be used. This is required WHEN VISUAL (MONITORING) CONTROLS of the entrance ARE NOT USED during working hours.
3. The PINs must be separately entered into the system by each individual using a keypad device and consist of four or more digits, randomly selected, with no known or logical association with the individuals.
4. There must be a procedure in place to cover changing PINs when it is believed they have been compromised or subjected to compromise.
5. Biometric devices, which identify an individual requesting access by some unique personal characteristic, such as fingerprinting, hand geometry, handwriting, retina scans, or voice recognition, may be used in conjunction with an ID badge or card in lieu of a PIN.
6. VERY IMPORTANT: Electric, mechanical or electro-mechanical access control devices such as cipher locks MUST NOT BE USED to control access to secure rooms or areas that are not under continuous visual control during working hours. Generally these locks do not provide the means for individual access codes and do not report to a central server or system monitor. Therefore they are permissible ONLY for access control to secure rooms and spaces when the entrance is under continuous visual control.
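The Check Text and Fix Text both describe the same two-branch decision (visual control of the entrance versus an automated ACS with no visual control). The Python evaluator below, an added example that is not part of the STIG, encodes that decision for one room so an auditor can record the state of each entrance and get the applicable findings back; the `Room`/`Entrance` fields, the sample values and the weak-PIN heuristics are assumptions made for illustration.

```python
# Added example, not the STIG's own: V-31529 check/fix logic as a small evaluator.
# The Room/Entrance fields and the weak-PIN heuristics are assumptions for illustration.
from dataclasses import dataclass, field
@dataclass
class Entrance:
    name: str
    monitored: bool = False   # employee/guard/CCTV watches it while the FF-L-2740 lock is open
    cctv: str = "none"        # "none", "manned" (feeds a continuously manned station) or "unmanned"
    device: str = "none"      # "acs_card", "cipher", "mechanical" or "none"
@dataclass
class Room:
    primary_control: str      # "visual", or "acs" (automated ACS with no visual control)
    entrances: list
    biometric_used: bool = False
    pin_change_procedure: bool = False
    pins: dict = field(default_factory=dict)   # employee id -> PIN; empty means no PIN is used
def weak_pin(pin: str, emp_id: str) -> bool:
    """Check #3: 4+ digits, randomly selected, no logical association with the person."""
    sequential = pin.isdigit() and all(int(b) - int(a) == 1 for a, b in zip(pin, pin[1:]))
    return (len(pin) < 4 or not pin.isdigit() or len(set(pin)) == 1
            or sequential or pin in emp_id or emp_id in pin)
def evaluate(room: Room) -> list:
    """Return (check, category) findings, following the two branches of the STIG text."""
    f = []
    if room.primary_control == "visual":
        for e in room.entrances:
            if not e.monitored:
                f.append((f"Visual #1: {e.name} not continuously monitored", "CAT I"))
            if e.cctv == "unmanned":
                f.append((f"Visual #2: {e.name} CCTV not fed to a manned station", "CAT I"))
            if e.device == "none":
                f.append((f"Visual #3: {e.name} has no access control device", "CAT I"))
        return f
    for e in room.entrances:
        if e.device in ("cipher", "mechanical"):
            f.append((f"ACS #6: {e.name} uses a cipher/mechanical lock without visual control", "CAT I"))
        elif e.device != "acs_card":
            f.append((f"ACS #1: {e.name} lacks a coded ID badge/card reader", "CAT I"))
    if not (room.pins or room.biometric_used):
        f.append(("ACS #2/#5: card not supplemented by a PIN or biometric", "CAT I"))
    for emp, pin in room.pins.items():
        if weak_pin(pin, emp):
            f.append((f"ACS #3: PIN for {emp} is short, non-random or associated", "CAT I"))
    if room.pins and not room.pin_change_procedure:
        f.append(("ACS #4: no procedure for changing compromised PINs", "CAT III"))
    return f
def overall(findings) -> str:
    """'compliant', CAT III only when #4 is the sole finding (per the check text), else CAT I."""
    return "compliant" if not findings else ("CAT III" if all(c == "CAT III" for _, c in findings) else "CAT I")
```

The employee ids and PINs passed to `Room.pins` in any run are constructed sample data; the weak-PIN test only approximates "randomly selected, no logical association" and does not replace the reviewer's judgement.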