STIGQter: STIG Summary: Traditional Security Checklist, Version: 1, Release: 3, Benchmark Date: 15 Jun 2020

Vault/Secure Room Storage Standards - Automated Entry Control System (AECS) Keypad Device Protection: Keypad devices designed or installed in a manner that an unauthorized person in the immediate vicinity cannot observe the selection of input numbers.

DISA Rule

SV-41944r3_rule

Vulnerability Number

V-31657

Group Title

Vault/Secure Room Storage Standards - Automated Entry Control System (AECS) Keypad Device Protection

Rule Version

IS-02.03.01

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Ensure that keypad devices (cipher locks or PIN pads for card readers) are designed or installed in such a manner that an unauthorized person in the immediate vicinity cannot observe the selection of input numbers. During initial and annual refresher training, and when key cards with PINs are issued, advise persons using the keypad devices of the risk of someone observing their PIN and encourage them to use appropriate caution to shield their selection of numbers.

Check Contents

Requirements Summary:
Keypad devices (cipher locks or PIN pads for card readers) shall be designed or installed in such a manner that an unauthorized person in the immediate vicinity cannot observe the selection of input numbers.

CHECKS:
Check to ensure that all keypad devices are properly shielded and/or that persons using these devices have been advised by site security and are aware of the risk of having someone in the vicinity view their PIN as it is entered and that they are exercising due care to shield entry of their PIN.

Verification of employee awareness can be obtained by observing SOPs or employee training records reflecting a warning or requirement to shield entry of PINs.

TACTICAL ENVIRONMENT: This check is applicable where Vaults/Secure Rooms are used to protect classified materials or systems in a tactical environment. The only exception will be for urgent (short-term) tactical operations or other contingency situations where fixed facilities and equipment are not yet present or are incapable of being used.

Documentable

False

Severity Override Guidance

Requirements Summary:
Keypad devices (cipher locks or PIN pads for card readers) shall be designed or installed in such a manner that an unauthorized person in the immediate vicinity cannot observe the selection of input numbers.

CHECKS:
Check to ensure that all keypad devices are properly shielded and/or that persons using these devices have been advised by site security and are aware of the risk of having someone in the vicinity view their PIN as it is entered and that they are exercising due care to shield entry of their PIN.

Verification of employee awareness can be obtained by observing SOPs or employee training records reflecting a warning or requirement to shield entry of PINs.

TACTICAL ENVIRONMENT: This check is applicable where Vaults/Secure Rooms are used to protect classified materials or systems in a tactical environment. The only exception will be for urgent (short-term) tactical operations or other contingency situations where fixed facilities and equipment are not yet present or are incapable of being used.

Check Content Reference

M

Target Key

2506

Comments