The organization must explicitly specify in each sites physical security policy whether CMDs, containing cameras, are permitted at that site.

From Mobile Policy Security Requirements Guide

Associated with: CCI-000082

SV-47293r1_rule The organization must explicitly specify in each sites physical security policy whether CMDs, containing cameras, are permitted at that site.

Vulnerability discussion

CMDs with cameras are easily used to photograph sensitive information and areas if not addressed. Sites must establish, document, and train on how to mitigate this threat.

Check content

Review site's physical security policy. Verify the site addresses CMDs with embedded cameras. If there is no written physical security policy outlining whether CMDs with cameras are permitted or prohibited on or in the DoD facility, this is a finding.

Fix text

Update the security documentation to include a statement of whether CMDs with cameras (still and video) are allowed in the facility.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.