Check: WIR-MOS-NS-050-04
BlackBerry Playbook Tablet OS 1.x:
WIR-MOS-NS-050-04
(in version v1 r1)
Title
Connecting mobile devices to user social media web accounts (Facebook, Twitter, etc.) must be based on the Command’s Mobile Device Personal Use Policy. (Cat III impact)
Discussion
The risk of connecting to user social media web accounts on a non-DoD-network connected mobile device that does not contain sensitive or classified DoD data/information should be evaluated by the DAA against mission need and how the device is intended to be used. There is a risk that connecting to user social media web accounts could introduce malware on the device, which could impact the performance of the device and corrupt non-sensitive data stored on the device.
Check Content
Check a sample (2-3) of mobile devices managed at the site and are not authorized to connect to a DoD network or store or process sensitive or classified DoD information. Review the Command’s Mobile Device Personal Use Policy. Determine if the mobile device is being used to connect to user social media web accounts. Look for social media icons on the device and talk to the user. The exact procedure will vary, depending on the mobile OS. If the device is being used to connect to user social media accounts, determine if these applications are authorized by the Command’s Mobile Device Personal Use Policy. Mark as a finding if the device is being used to connect to unauthorized user social media accounts. This check is not applicable if the Command’s Mobile Device Personal Use Policy allows connecting to user social media web accounts.
Fix Text
Train user to not connect to unauthorized social media web sites unless authorized by the Command’s Mobile Device Personal Use Policy.
Additional Identifiers
Rule ID:
Vulnerability ID: V-30419
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |