From Mobile Policy Security Requirements Guide
Part of SRG-MPOL-086
Associated with: CCI-001531
Lack of user training and understanding of responsibilities to safeguard wireless technology is a significant vulnerability to the enclave. Once policies are established, users must be trained to these requirements or the risk to the network remains. User agreements are particularly important for mobile and remote users since there is a high risk of loss, theft, or compromise. Thus, this signed agreement is a good best practice to help ensure the site is confirming the user is aware of the risks and proper procedures.
The user agreements must include DAA authorized tasks for the mobile device and relevant security requirements, including, the DoD CIO Memorandum, "Policy on Use of Department of Defense (DoD) Information Systems Standard Consent Banner and User Agreement," 9 May 2008. Inspect a copy of the site's user agreement. Verify the user agreement has the minimum elements required IAW the DoD CIO Memorandum. If the site user agreements do not exist or are not compliant with the minimum requirements, this is a finding.
Develop and publish policy mandating all users sign a user agreement before they are issued a mobile or wireless device.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer