UCF STIG Viewer Logo

Windows Phone 6.5 (with Good Mobility Suite) Security Technical Implementation Guide


Overview

Date Finding Count (9)
2011-10-04 CAT I (High): 0 CAT II (Med): 6 CAT III (Low): 3
STIG Description
This STIG contains technical security controls required for the use of Windows Phone 6.5 devices in the DoD environment when managed by the Good Mobility Suite.

Available Profiles



Findings (MAC III - Administrative Public)

Finding ID Severity Title
V-25022 Medium All smartphones must display the required banner during device unlock/ logon.
V-24981 Medium Smartphone devices must have required operating system software versions installed.
V-19899 Medium All wireless PDA client VPNs must have split tunneling disabled. This check is not applicable if the installed VPN client is not used for remote access to DoD networks.
V-19898 Medium All wireless PDA clients used for remote access to DoD networks must have a VPN supporting CAC authentication. This check is not applicable if the installed VPN client is not used for remote access to DoD networks.
V-19897 Medium All wireless PDA clients used for remote access to DoD networks must have a VPN that supports AES encryption. This check is not applicable if the installed VPN client is not used for remote access to DoD networks.
V-18627 Medium The VPN client on wireless clients (PDAs, smartphones) used for remote access to DoD networks must be FIPS 140-2 validated. This check is not applicable if the installed VPN client is not used for remote access to DoD networks.
V-24986 Low All non-core applications on the smartphone must be approved by the DAA or Command IT Configuration Control Board.
V-24984 Low If smartphone email auto signatures are used, the signature message must not disclose that the email originated from a smartphone (e.g., “Sent From My Wireless Handheld”).
V-24982 Low Smart Card Readers (SCRs) used with smartphone must have required software version installed.