Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-47225 | BB10-2X-000410 | SV-60097r1_rule | Medium |
Description |
---|
The device acts as a personal hotspot when it accepts remote connections on a local area network interface for the purposes of routing traffic to a wide area network interface. The most common implementation is to accept local area Wi-Fi connections to reach ISP service provided by a cellular data carrier. The objective is to ensure the remote devices are not able to access any applications, data, or other operating system functionality on the device. A core assumption of the MOS SRG is that mobile devices do not serve applications to remote devices. This control concerns remote access to the device's OS; if remote access to applications and data were feasible, this would open up a wide variety of vulnerabilities in which an adversary with a remote wireless capability could breach system security. Precluding this possibility greatly mitigates the risk of such an attack. |
STIG | Date |
---|---|
BlackBerry 10.2.x OS Security Technical Implementation Guide | 2014-04-10 |
Check Text ( C-50051r1_chk ) |
---|
On BlackBerry Device Service, verify "Computer Access to Device" IT Policy rule is set to "Disallow". Otherwise, this is a finding. |
Fix Text (F-50929r1_fix) |
---|
On BlackBerry Device Service, set "Computer Access to Device" IT Policy rule to "Disallow". |