STIGQter: STIG Summary: Mobile Device Policy Security Technical Implementation Guide (STIG) Version: 2 Release: 6 Benchmark Date: 26 Jul 2019:

Site physical security policy must include a statement outlining whether mobile devices with digital cameras (still and video) are permitted or prohibited on or in this DoD facility.

DISA Rule

SV-30690r5_rule

Vulnerability Number

V-24953

Group Title

Site mobile device camera policy

Rule Version

WIR-SPP-001

Severity

CAT III

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Update the security documentation to include a statement outlining whether mobile devices with digital cameras (still and video) are allowed in the facility.

Check Contents

This requirement applies to mobile operating system (OS) mobile devices.

Work with traditional reviewer to review site’s physical security policy. Verify the policy addresses mobile devices CMDs with embedded cameras.

If there is no written physical security policy outlining whether mobile devices with cameras are permitted or prohibited on or in this DoD facility, this is a finding.

Vulnerability Number

V-24953

Documentable

False

Rule Version

WIR-SPP-001

Severity Override Guidance

This requirement applies to mobile operating system (OS) mobile devices.

Work with traditional reviewer to review site’s physical security policy. Verify the policy addresses mobile devices CMDs with embedded cameras.

If there is no written physical security policy outlining whether mobile devices with cameras are permitted or prohibited on or in this DoD facility, this is a finding.

Check Content Reference

M

Responsibility

Security Manager

Target Key

3521

Comments