The physical use of mobile e-mail devices near classified data will be disallowed unless expressly authorized

Status: Live

The organization will ensure that the physical use of mobile e-mail devices near classified data is disallowed unless expressly authorized. [UCF ID 04597]

Supporting and supported controls

This control directly supports:

Establish and maintain physical security of distributed IT assets [UCF Control ID 00718]

There are no supporting controls.

Authority documents complied with:

Army Regulation 380-19: Information Systems Security, February 27, 1998, § 2-27.e; DISA Wireless STIG Apriva Sensa Secure Wireless Email System Security Checklist, V5R2.2, Version 5 Release 2.2, § 2.2 (WIR1020), § 2.2 (WIR1040); DISA WIRELESS STIG BLACKBERRY SECURITY CHECKLIST, Version 5, Release 2.4, Version 5 Release 2.4, § 2.1 (WIR0225); DISA Wireless STIG Motorola Good Mobile Wireless Email System Security Checklist, V5R2.3, Version 5 Release 2.3, § 2.1 (WIR1020), § 2.1 (WIR1040); DISA Wireless STIG Windows Mobile Messaging Wireless EChecklist Version 5,Release 2.4, Version 5 Release 2.4, § 2.2 (WIR2020), § 2.2 (WIR2040)

US Federal Security Guidance

Laptop computers should not be allowed to enter or exit sensitive compartmented information (SCI) facilities. [§ 2-27.e, Army Regulation 380-19: Information Systems Security, February 27, 1998]

Other Configuration Guidance

Wireless e-mail devices should not be used to send, receive, process, or store classified messages and should not be connected to classified networks or systems. [§ 2.2 (WIR1020), § 2.2 (WIR1040), DISA Wireless STIG Apriva Sensa Secure Wireless Email System Security Checklist, V5R2.2, Version 5 Release 2.2]

Two-way, e-mail devices should not be used near classified data, unless the device has been approved for use in the facility or the equipment is separated by a predetermined distance from the classified equipment and appropriate countermeasures are implemented. [§ 2.1 (WIR0225), DISA WIRELESS STIG BLACKBERRY SECURITY CHECKLIST, Version 5, Release 2.4, Version 5 Release 2.4]

Wireless e-mail devices should not be used to send, receive, process, or store classified messages and should not be connected to classified networks or systems. [§ 2.1 (WIR1020), § 2.1 (WIR1040), DISA Wireless STIG Motorola Good Mobile Wireless Email System Security Checklist, V5R2.3, Version 5 Release 2.3]

Wireless two-way e-mail devices should not be used to send, receive, process, or store classified messages and wireless e-mail devices should not be connected to classified networks or systems. [§ 2.2 (WIR2020), § 2.2 (WIR2040), DISA Wireless STIG Windows Mobile Messaging Wireless EChecklist Version 5,Release 2.4, Version 5 Release 2.4]