UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

If a wireless keyboard or mouse is used with any site computers, then it must follow security requirements.


Overview

Finding ID Version Rule ID IA Controls Severity
V-4639 WIR0535 SV-4639r1_rule ECWN-1 Medium
Description
The use of unauthorized wireless keyboards and mice can compromise DoD computers, networks, and data. The receiver for a wireless keyboard/mouse provides a wireless port on the computer that could be attacked by a hacker. Wireless keyboard transmissions can be intercepted by a hacker and easily viewed if required security is not used.
STIG Date
Wireless Keyboard and Mouse Security Technical Implementation Guide (STIG) 2013-03-14

Details

Check Text ( C-4009r1_chk )
Detailed Policy Requirements:

If a wireless keyboard or mouse is used with any site workstations, the following requirements must be followed:

- If WLAN is used for the wireless connection, assign “WLAN Client” asset posture in VMS to the workstation (or PDA) asset and complete WLAN checks assigned to the workstation (or PDA).
- If Bluetooth or some other wireless technology is used for the wireless connection, assign “Bluetooth” asset posture in VMS to the workstation (or PDA) asset and complete Bluetooth checks assigned to the workstation(or PDA).

Check Procedures:

Verify the appropriate VMS wireless posture has been assigned to the workstation asset and the appropriate checks have been completed. Mark as a finding if the requirements are not met.

NOTE: Currently, no wireless keyboards or mice meet these requirements. If the wireless mouse/keyboard is using a proprietary RF protocol (i.e., not Bluetooth or 802.11), then apply the Bluetooth checks.
Fix Text (F-19256r1_fix)
Comply with requirement.