|Finding ID||Version||Rule ID||IA Controls||Severity|
|Classified data could be compromised since Bluetooth (and Zigbee) devices do not meet DoD encryption requirements for classified data.|
|Bluetooth/Zigbee Security Technical Implementation Guide (STIG)||2014-03-18|
|Check Text ( C-11516r1_chk )|
| NOTE: The check also applies to Wireless USB (WUSB) devices. This check does not apply to wireless email devices (Blackberry, Windows Mobile, etc.). See the appropriate wireless email device checklist for Bluetooth requirements for these devices. |
Verify compliance by reviewing the user agreement or security briefing to see if personnel have been properly instructed in the policy that devices with Bluetooth radios cannot be used for or around classified. Mark as a finding if the user agreement or security briefing does not exist or does not adequately cover the requirement.
|Fix Text (F-34124r1_fix)|
|Ensure the users are trained on need to comply with this requirement and/or site procedures document the policy.|