Check: WIR1310-04
BlackBerry Enterprise Server, Part 2:
WIR1310-04
(in versions v2 r10 through v2 r8)
Title
Non-core applications used on the BlackBerry must be approved. (Cat III impact)
Discussion
Unapproved applications could include malware or introduce other vulnerabilities to the BlackBerry system and enclave.
Check Content
Detailed Policy Requirements: All applications listed in each Application White list must be approved by either the AO or by the IT configuration control board that reviews and approves workstation applications. Recommend sites use the same or similar process used to approve desktop applications to select, review, test, and approve BlackBerry applications. Check Procedures: For each Application White list assigned to BES user accounts, verify the site has documentation showing the applications are approved by the AO (or who the AO has designated as the approval authority for the site).
Fix Text
Comply with DoD policy.
Additional Identifiers
Rule ID: SV-21091r3_rule
Vulnerability ID: V-19202
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |