From Voice Video Policy Security Technical Implementation Guide
Part of SRG-POL-300605
Associated with: CCI-001639
Organizations consider rules of behavior based on individual user roles and responsibilities. Rules of behavior for both organizational and non-organizational users are essential for general unclassified communications and other specific or classified communications, which may require restrictions for those who may participate. The signed acknowledgment (user agreement) may be satisfied by the security awareness training and role-based security training programs conducted by organizations if such training includes rules of behavior.
Review the organizational Voice Video training plan. Verify the plan includes user training regarding Voice Video endpoints with camera or video capability to potentially pick up and transmit sensitive or classified information. Prior to operating unclassified Voice Video endpoints with camera or video capability, users must be trained specifically on the following: - Conference room and office users do not display sensitive or classified information on walls within view of cameras. - Conference room and office users do not place sensitive or classified information on tables or desks within view of cameras without proper protection (e.g., proper cover). - Conference room and office users do not read or view sensitive or classified information at such an angle that cameras could focus on it. - Potential for cameras to be activated inadvertently and relevant mitigations. - PTZ capabilities of the camera and video enhancement. If the organizational Voice Video training plan does not include user training regarding Voice Video endpoints with camera or video capability to potentially pick up and transmit sensitive or classified information, this is a finding. NOTE: This requirement is relevant for all session classification levels. The session classification is dependent on the classification of the network and facility. Classified communications may occur at the same level as the network and facility, but communications at a lower classification or no classification (e.g., Unclassified or For Official Use Only [FOUO]) may also occur in the same environment.
Document in the organizational Voice Video training plan training material includes Voice Video endpoints with camera or video capability to potentially pick up and transmit sensitive or classified information. Ensure that, prior to operating unclassified Voice Video endpoints with camera or video capability, users are trained specifically on the following: - Conference room and office users do not display sensitive or classified information on walls within view of cameras. - Conference room and office users do not place sensitive or classified information on tables or desks within view of cameras without proper protection (e.g., proper cover). - Conference room and office users do not read or view sensitive or classified information at such an angle that cameras could focus on it. - Potential for cameras to be activated inadvertently and related mitigations. - PTZ capabilities of the camera and video enhancement.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer