The Voice Video Endpoint camera must provide hardware mechanisms, such as push-to-see (PTS) camera switches, to prevent pickup and transmission of sensitive or classified information over non-secure networks.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-66779	SRG-NET-000512-VVEP-00049	SV-81269r1_rule		Medium

Description
Cameras used with Voice Video Endpoints may reveal sensitive or classified information. This is especially at risk when unclassified conversations are conducted in classified spaces. Users or operators of videoconferencing systems must take care regarding what is being said and seen during a conference call and what sensitive information can be picked up by a camera or microphone. Voice Video Endpoints used in classified areas must use hardware mechanisms such as push-to-see (PTS) to prevent sensitive or classified information picked up by the camera in the area of the call from being transmitted over unclassified systems. This capability mitigates the risk to compromise sensitive or classified information not related to the conversation in progress.

Description

Cameras used with Voice Video Endpoints may reveal sensitive or classified information. This is especially at risk when unclassified conversations are conducted in classified spaces. Users or operators of videoconferencing systems must take care regarding what is being said and seen during a conference call and what sensitive information can be picked up by a camera or microphone. Voice Video Endpoints used in classified areas must use hardware mechanisms such as push-to-see (PTS) to prevent sensitive or classified information picked up by the camera in the area of the call from being transmitted over unclassified systems. This capability mitigates the risk to compromise sensitive or classified information not related to the conversation in progress.

STIG	Date
Voice Video Endpoint Security Requirements Guide	2016-06-24

Details

Check Text ( C-67429r1_chk )
Verify the Voice Video Endpoint camera provides hardware mechanisms, such as push-to-see camera switches, to prevent pickup and transmission of sensitive or classified information over non-secure networks. If the Voice Video Endpoint camera does not provide hardware mechanisms, such as push-to-see camera switches, to prevent pickup and transmission of sensitive or classified information over non-secure networks, this is a finding. If the Voice Video Endpoint camera does provide hardware mechanisms but is not configured to use these features, this is a finding.

Check Text ( C-67429r1_chk )

Verify the Voice Video Endpoint camera provides hardware mechanisms, such as push-to-see camera switches, to prevent pickup and transmission of sensitive or classified information over non-secure networks.

If the Voice Video Endpoint camera does not provide hardware mechanisms, such as push-to-see camera switches, to prevent pickup and transmission of sensitive or classified information over non-secure networks, this is a finding. If the Voice Video Endpoint camera does provide hardware mechanisms but is not configured to use these features, this is a finding.

Fix Text (F-72879r1_fix)
Configure the Voice Video Endpoint camera hardware mechanisms, such as push-to-see camera switches, to prevent pickup and transmission of sensitive or classified information over non-secure networks.