STIGQter STIGQter: STIG Summary: Mobile Device Policy Security Technical Implementation Guide (STIG) Version: 2 Release: 6 Benchmark Date: 26 Jul 2019: All wireless/mobile systems (including associated peripheral devices, operating system, applications, network/PC connection methods, and services) must be approved by the approval authority prior to installation and use for processing DoD information.

DISA Rule

SV-8778r7_rule

Vulnerability Number

V-8283

Group Title

Wireless/mobile systems authorized prior to use

Rule Version

WIR0005

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Obtain AO approval prior to wireless systems being installed and used.

Check Contents

1. Request copies of written AO approval documentation for wireless/mobile devices used by the site.

2. Verify AO approval for wireless/mobile devices in use at the site.

Note: The AO approval for wireless/mobile systems does not need to be documented separately from other AO approval documents for the site network, as long as the approval documents list the wireless/mobile systems in use at the site. For example, if a site network ATO lists the wireless system, the ATO meets the requirements of this check.

If the AO has not approved all wireless/mobile devices used at the site, this is a finding.

Vulnerability Number

V-8283

Documentable

False

Rule Version

WIR0005

Severity Override Guidance

1. Request copies of written AO approval documentation for wireless/mobile devices used by the site.

2. Verify AO approval for wireless/mobile devices in use at the site.

Note: The AO approval for wireless/mobile systems does not need to be documented separately from other AO approval documents for the site network, as long as the approval documents list the wireless/mobile systems in use at the site. For example, if a site network ATO lists the wireless system, the ATO meets the requirements of this check.

If the AO has not approved all wireless/mobile devices used at the site, this is a finding.

Check Content Reference

M

Responsibility

Information Assurance Manager

Target Key

3521

Comments