Free DISA STIG and SRG Library | Vaulted
  1. Security Guide Library
  2. BlackBerry OS 7.x.x Security Technical Implementation Guide
  3. V-19311

V-19311

BlackBerry Bluetooth SCR use with site PCs must be compliant with requirements.

Finding ID
WIR1040-03
Rule ID
SV-21228r3_rule
Severity
Cat II
CCE
(None)
Group Title
Bluetooth SCR usage -03
CCI
(None)
Target Key
(None)
Documentable
No
Discussion

Non-secure Bluetooth configuration on the PC could make it vulnerable to compromise via a Bluetooth attack.

Fix Text

BlackBerry Bluetooth SCR use with site PCs must be compliant with requirements.

Check Content

Detailed Policy Requirements: When the BlackBerry Bluetooth Smart Card Reader (SCR) is used as a PC SCR, the following requirements must be followed: At the time of the publication of this document, the use of the BlackBerry SCR for authentication with PCs is only authorized with PCs that have Microsoft Windows XP. The Microsoft Vista and Windows 7 Bluetooth stack has not yet been tested with the BlackBerry SCR to determine if Bluetooth device pairing can be done in a secure manner and meets DoD security requirements. Check Procedures: Perform the following checks on site PCs used with the BlackBerry Bluetooth SCR: Interview the ISSO and SA and verify the BlackBerry SCR is not used with Windows Vista and Windows 7. BlackBerry users with Vista or Windows 7 on their PCs must be put in the BlackBerry users group not authorized to use the BlackBerry SCR with their PCs.

Responsibility

System Administrator

Vaulted is more than a library.

SIGN UP FOR FREE