Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-66779 | SRG-NET-000512-VVEP-00049 | SV-81269r2_rule | Medium |
Description |
---|
Cameras used with Voice Video Endpoints may reveal sensitive or classified information. This is especially at risk when unclassified conversations are conducted in classified spaces. Users or operators of videoconferencing systems must take care regarding what is being said and seen during a conference call and what sensitive information can be picked up by a camera or microphone. Voice Video Endpoints used in classified areas must use hardware mechanisms such as push-to-see (PTS) to prevent sensitive or classified information picked up by the camera in the area of the call from being transmitted over unclassified systems. This capability mitigates the risk to compromise sensitive or classified information not related to the conversation in progress. |
STIG | Date |
---|---|
Voice Video Endpoint Security Requirements Guide | 2020-05-15 |
Check Text ( C-67429r2_chk ) |
---|
If the unclassified Voice Video Endpoint is not deployed where sensitive or classified information is displayed or discussed, this check procedure is Not Applicable. Verify the Voice Video Endpoint camera provides hardware mechanisms, such as push-to-see camera switches, to prevent pickup and transmission of sensitive or classified information over non-secure networks. If the Voice Video Endpoint camera does not provide hardware mechanisms, such as push-to-see camera switches, to prevent pickup and transmission of sensitive or classified information over non-secure networks, this is a finding. If the Voice Video Endpoint camera does provide hardware mechanisms but is not configured to use these features, this is a finding. |
Fix Text (F-72879r2_fix) |
---|
Configure the Voice Video Endpoint camera hardware mechanisms, such as push-to-see camera switches, to prevent pickup and transmission of sensitive or classified information over non-secure networks. |