UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Voice Video Endpoint camera must provide hardware mechanisms, such as push-to-see (PTS) camera switches, to prevent pickup and transmission of sensitive or classified information over non-secure networks.


Overview

Finding ID Version Rule ID IA Controls Severity
V-66779 SRG-NET-000512-VVEP-00049 SV-81269r1_rule Medium
Description
Cameras used with Voice Video Endpoints may reveal sensitive or classified information. This is especially at risk when unclassified conversations are conducted in classified spaces. Users or operators of videoconferencing systems must take care regarding what is being said and seen during a conference call and what sensitive information can be picked up by a camera or microphone. Voice Video Endpoints used in classified areas must use hardware mechanisms such as push-to-see (PTS) to prevent sensitive or classified information picked up by the camera in the area of the call from being transmitted over unclassified systems. This capability mitigates the risk to compromise sensitive or classified information not related to the conversation in progress.
STIG Date
Voice Video Endpoint Security Requirements Guide 2017-04-06

Details

Check Text ( C-67429r1_chk )
Verify the Voice Video Endpoint camera provides hardware mechanisms, such as push-to-see camera switches, to prevent pickup and transmission of sensitive or classified information over non-secure networks.

If the Voice Video Endpoint camera does not provide hardware mechanisms, such as push-to-see camera switches, to prevent pickup and transmission of sensitive or classified information over non-secure networks, this is a finding. If the Voice Video Endpoint camera does provide hardware mechanisms but is not configured to use these features, this is a finding.
Fix Text (F-72879r1_fix)
Configure the Voice Video Endpoint camera hardware mechanisms, such as push-to-see camera switches, to prevent pickup and transmission of sensitive or classified information over non-secure networks.