The organization must follow the incident handling policy if classified information is found on mobile devices.

From Mobile Policy Security Requirements Guide

Part of SRG-MPOL-052

Associated with: CCI-001458

SV-47286r1_rule The organization must follow the incident handling policy if classified information is found on mobile devices.

Vulnerability discussion

In spite of the best security policies, restrictive controls, and random review procedures, incidents of leakage of classified data to unclassified CMDs are bound to occur. In these instances, the organization must have a set of defined procedures to be implemented when classified data is discovered on CMD. Failure to have incident handling procedures defined could result in confusion in the proper handling of the incident by organization personnel, or, worst case, classified data being disclosed to unauthorized sources. This requirement applies to all CMDs.This requirement also applies to sensitive DoD information stored on CMDs that are not authorized to connect to DoD networks or store/process sensitive DoD information. Sensitive DoD data or information is defined as any data/information that has not been approved for public release by the site/Command Public Affairs Officer (PAO).

Check content

Review the organization's access control and security policy, incident handling procedures, and any other relevant documents. Ensure the organization has defined an incident handling policy with specific actions to be implemented when classified information has been found on mobile devices. Determine if the site has had a data spill within the previous 24 months. If yes, review written records, incident reports, and/or after action reports and determine if required procedures were followed. If the incident handling policy is not being followed, this is a finding.

Fix text

Follow all incident handling policy actions to be taken when classified information has been identified on mobile devices.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer