Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The IAO at the smartphone management server site will verify that local sites, where smartphones are provisioned, issued, and managed, are conducting annual self assessments.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-24971 | WIR-WMSP-002 | SV-30708r1_rule | ECWN-1 | Low |
| Description |
|---|
| The security integrity of the smartphone system depends on local sites where smartphone handhelds are provisioned and issued complying with STIG requirements. The risk of malware introduced on a handheld device and avenues of attack into the enclave via a smartphone device could result if STIG procedures are not followed. |
| STIG | Date |
|---|---|
| Wireless Management Server Policy Security Technical Implementation Guide | 2011-01-06 |
Details
| Check Text ( C-31135r1_chk ) |
|---|
| Annual self assessments will be conducted according to the appropriate smartphone STIGs, with the assessment results being entered into VMS/Component Provided Tracking Database. Verify the IAO of the site where the smartphone management server is located is tracking that local/remote sites (where smartphone devices are provisioned, issued, and managed) are conducting annual self assessments according to the appropriate smartphone STIGs. Verify the results of the assessments are being entered into VMS/Component Provided Tracking Database. Note: Command-level action should be considered for local sites that are not complying with STIG requirements for the provisioning, issuance, and managements of smartphones. |
| Fix Text (F-27605r1_fix) |
|---|
| The IAO at the smartphone management server site has verified that local sites are conducting annual self assessments. |