Title

IT Policy rule Disable organizer data access for social networking applications (Value-Added Applications policy group) must be set as required. (Cat III impact)

Discussion

This rule specifies whether a BlackBerry® device must prevent social networking applications from accessing organizer data. BlackBerry organizer (calendar, notes, and contacts) may contain sensitive DoD information that could be exposed to the public if social networking applications had access to it.

Check Content

Detailed Policy Requirements: *****For this check, set IT Policy rule "Disable organizer data access for social networking applications" (Value-Added Applications policy group) to "Yes". Check Procedures: This is a BES IT Policy check. Recommend all checks related to BES IT policies be reviewed using the procedure in Check WIR1400-01 (V0003545). *****Verify IT Policy rule "Disable organizer data access for social networking applications" (Value-Added Applications policy group) is set as required.

Fix Text

Set IT Policy rule "Disable organizer data access for social networking applications" (Value-Added Applications policy group) to "Yes".

Additional Identifiers

Rule ID: SV-25489r3_rule

Vulnerability ID: V-22053

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.