Free DISA STIG and SRG Library | Vaulted


Only approved Bluetooth headset and handsfree devices must be used with site managed BlackBerry devices.

Finding ID
Rule ID
Cat II
Group Title
Bluetooth headset version
Target Key

Bluetooth usage could provide an attack vector for a hacker to connect to a BlackBerry device without the knowledge of the user. DoD data would then be vulnerable.

Fix Text

Use only approved Bluetooth headset and handsfree devices.

Check Content

Detailed Policy Requirements: The following Bluetooth headset and handsfree devices are approved: Biometric Associates, LP (BAL) blueARMOR family of headsets (blueARMOR 100, blueARMOR 105, and blueARMOR 200) with firmware version 1.5.x. Check Procedures: For the BAL headset, the only way to verify the device model number and firmware version is to check the Bluetooth device name of a paired headset. Have the user pair the device to the BlackBerry, if not already paired. On the BlackBerry handheld, go to Options > Networks and Connections > Bluetooth Connections and check the list of paired devices. The device name should be in the form of baiMobileBA100 V1.5.0. The reviewer should check a sample of BlackBerry devices at the site (2-3) and verify compliance. Note: If the site uses the FIXMO Sentinel Enterprise integrity verification tool, checking BlackBerry handhelds is not required. Have the system administrator show that the Sentinel server is configured to audit paired Bluetooth devices on site managed BlackBerry handhelds.