From Mobile Policy Security Requirements Guide
Part of SRG-MPOL-083
Associated with: CCI-001028
If appropriate procedures are not followed prior to disposal of a CMD, an adversary may be able to obtain sensitive DoD information or learn aspects of the configuration of the device that might facilitate a subsequent attack.
This requirement applies to mobile operating system (OS) CMDs. Prior to disposing of a CMD or if the CMD is transferred to another DoD or government agency, follow the disposal procedures found in the appropriate security implementation guide for the CMD of interest. Verify proper procedures are being followed and the procedures are documented. Check to see how retired, discarded, or transitioned CMDs were disposed of during the previous 6 - 12 months and verify compliance with requirements. If procedures are not documented or if documented, they were not followed, this is a finding.
Prior to disposing of a CMD or transitioning it to another user, either in DoD or another agency, follow required procedures.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer