UCF STIG Viewer Logo

All wireless PDA clients used for remote access to DoD networks must have a VPN supporting CAC authentication.


Overview

Finding ID Version Rule ID IA Controls Severity
V-19898 WIR-MOS-AND-034-03 SV-35006r1_rule ECWN-1 Medium
Description
DoD data could be compromised if transmitted data is not secured with a compliant VPN.
STIG Date
Android 2.2 (Dell) Security Technical Implementation Guide 2014-08-26

Details

Check Text ( C-34882r1_chk )
This check is not applicable if the installed VPN client is not used for remote access to DoD networks.
Interview the IAO and/or site wireless device administrator and inspect a sample (3-4) of site devices. Verify the VPN client supports CAC authentication to the DoD network (recommend asking the site wireless device administrator to demo this capability). Mark as a finding if CAC authentication is not supported.

Fix Text (F-30399r1_fix)
Do not use the smartphone VPN client if it does not support CAC authentication.