From Mobile Policy Security Requirements Guide
Part of SRG-MPOL-030
Associated with: CCI-001441
The DAA and site commander must be aware of all approved wireless devices used at the site or DoD data may be exposed to unauthorized individuals. Documentation of the enclave configuration must include all attached systems. If the current configuration cannot be determined, then it is difficult to apply security policies effectively. Security is particularly important for wireless technologies attached to the enclave network because these systems increase the potential for eavesdropping and other unauthorized access to network resources.
Review the site security plan. Wireless network devices, such as access points, laptops, CMDs, and wireless peripherals (keyboards, pointers, etc.) using a wireless network protocol, such as Bluetooth, Wi-Fi, or proprietary protocols must be documented in the site security plan. A general statement in the site security plan permitting the various types of wireless network devices used by the site is acceptable rather than a by-model listing, for example, "wireless devices of various models are permitted as long as they are configured in accordance with the Wireless STIG". If a DAA-approved site security plan does not exist or if it has not been updated, this is a finding.
Update the site security plan to include all devices connecting directly or indirectly (data synchronization) to the network.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer