
PDA/Smartphone Security Technical Implementation Guide


Overview

Date: 2011-10-07
Finding Count (14): CAT I (High): 1, CAT II (Med): 11, CAT III (Low): 2

STIG Description
This STIG contains the technical security controls for the operation of a PDA or Smartphone in the DoD environment.

Findings (MAC II - Mission Support Classified)

Finding ID Severity Title
V-25007 High The PDA/smartphone must be configured to require a passcode for device unlock.
V-14202 Medium FIPS 140-2 validated encryption modules must be used to encrypt unclassified sensitive data at rest on the wireless device (e.g., laptop, PDA, smartphone).
V-30358 Medium DoD network users authorized to remotely connect to a DoD network from a residential WLAN must configure the access point with a strong pre-shared key (PSK) passcode.
V-25016 Medium The device minimum password/passcode length must be set as required.
V-25022 Medium PDAs/smartphones must display the required banner during device unlock/logon.
V-19897 Medium All wireless PDA clients used for remote access to DoD networks must have a VPN capability that supports AES encryption.
V-25011 Medium Password/passcode maximum failed attempts must be set to the required value.
V-14275 Medium DoD-licensed anti-malware software will be installed on all wireless clients (e.g., PDAs and smartphones) and non-wireless PDAs.
V-19899 Medium Wireless PDA VPNs must operate with split tunneling disabled.
V-19898 Medium All wireless PDA clients used for remote access to a DoD network must have a VPN capability that supports CAC authentication.
V-18627 Medium The VPN client on wireless clients (PDAs, smartphones) used for remote access to DoD networks must be FIPS 140-2 validated.
V-18625 Medium PDA and Smartphones that are connected to DoD Windows computers via a USB connection must be compliant with requirements.
V-25009 Low Maximum password/passcode age must be set as required.
V-18621 Low A personal firewall must be implemented on each PDA/smartphone that is used to connect to the Internet or DoD network.