Unclassified wireless devices must not be allowed in a Sensitive Compartmented Information Facility (SCIF) unless approved by the SCIF Cognizant Security Authority (CSA) in accordance with Intelligence Community Directive (ICD) 503, ICD 705, DIA SCIF policy requirements, the Authorizing Official (AO) and local Special Security officer (SSO).

From Network Infrastructure Policy Security Technical Implementation Guide

Part of Wireless devices in SCIFs are DCID/ICD compliant

SV-12625r6_rule Unclassified wireless devices must not be allowed in a Sensitive Compartmented Information Facility (SCIF) unless approved by the SCIF Cognizant Security Authority (CSA) in accordance with Intelligence Community Directive (ICD) 503, ICD 705, DIA SCIF policy requirements, the Authorizing Official (AO) and local Special Security officer (SSO).

Vulnerability discussion

Emanations from computing devices in the secured area may be transmitted or picked up inadvertently by wireless devices.

Check content

Work with the traditional reviewer or interview the ISSO or SM. Determine if the site SCIF CSA has approved wireless CMDs in the site SCIFs. Determine if the SCIF CSA has approved wireless devices in site SCIFs. Ask for approval documentation. If wireless devices are allowed in site SCIFs without required approval, this is a finding.

Fix text

Train users to comply with this requirement as well as site procedures document and include the requirement in the site User Agreement.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.