Free DISA STIG and SRG Library | Vaulted

V-19202

Non-core applications used on the BlackBerry must be approved.

Finding ID
WIR1310-04
Rule ID
SV-21091r3_rule
Severity
Cat III
CCE
(None)
Group Title
Use approved BlackBerry applications
CCI
(None)
Target Key
(None)
Documentable
No
Discussion

Unapproved applications could include malware or introduce other vulnerabilities to the BlackBerry system and enclave.

Fix Text

Comply with DoD policy.

Check Content

Detailed Policy Requirements: All applications listed in each Application White list must be approved by either the AO or by the IT configuration control board that reviews and approves workstation applications. Recommend sites use the same or similar process used to approve desktop applications to select, review, test, and approve BlackBerry applications. Check Procedures: For each Application White list assigned to BES user accounts, verify the site has documentation showing the applications are approved by the AO (or who the AO has designated as the approval authority for the site).

Responsibility

System Administrator