Check: BBDS-00-000200
BBDS10 2 X STIG:
BBDS-00-000200
(in version v1 r5)
Title
BlackBerry Web Desktop Manager must be configured to permit users to activate new BlackBerry devices only. (Cat II impact)
Discussion
The overall security posture of the BlackBerry system is dependent on strict configuration management controls, including ensuring only authorized BlackBerry devices are being used and authorized devices are provisioned as required. When these configurations are not set as required, users may have the capability to activate unauthorized BlackBerry devices.
Check Content
Verify the BlackBerry Administration Service (BAS) has been configured to permit users to activate new BlackBerry devices only. Otherwise, this is a finding.
Fix Text
BlackBerry Administration Service is configured to permit users to activate new BlackBerry devices only via BlackBerry Web Desktop Manager. Log into the BAS as an administrator with Security Administrator role. Under "Organization Administration", expand "Organization". - Click "My organization". - Click the "BlackBerry Web Desktop Manager Information" tab. - On the "Allowed user operations", verify "Allow user wireline activation:" is set to "Activate unused PIN only".
Additional Identifiers
Rule ID:
Vulnerability ID: V-48561
Group Title:
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000370 |
The organization employs automated mechanisms to centrally manage configuration settings for organization-defined information system components. |
Controls
| Number | Title |
|---|---|
| CM-6 (1) |
Automated Central Management / Application / Verification |