STIGQter: STIG Summary: Mobile Device Policy Security Technical Implementation Guide (STIG) Version: 2 Release: 6 Benchmark Date: 26 Jul 2019:

All wireless/mobile systems (including associated peripheral devices, operating system, applications, network/PC connection methods, and services) must be approved by the approval authority prior to installation and use for processing DoD information.

DISA Rule

SV-8778r7_rule

Vulnerability Number

V-8283

Group Title

Wireless/mobile systems authorized prior to use

Rule Version

WIR0005

Severity

CAT I

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Obtain AO approval prior to wireless systems being installed and used.

Check Contents

1. Request copies of written AO approval documentation for wireless/mobile devices used by the site.

2. Verify AO approval for wireless/mobile devices in use at the site.

Note: The AO approval for wireless/mobile systems does not need to be documented separately from other AO approval documents for the site network, as long as the approval documents list the wireless/mobile systems in use at the site. For example, if a site network ATO lists the wireless system, the ATO meets the requirements of this check.

If the AO has not approved all wireless/mobile devices used at the site, this is a finding.

All wireless/mobile systems (including associated peripheral devices, operating system, applications, network/PC connection methods, and services) must be approved by the approval authority prior to installation and use for processing DoD information.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments