STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to BlackBerry PlayBook OS V2.1 Security Technical Implementation Guide

V-38742

CAT II (Medium)

BlackBerry PlayBook OS must authenticate devices before establishing remote network (e.g., VPN) connections using bidirectional cryptographically based authentication between devices.

Rule ID

SV-50547r1_rule

STIG

BlackBerry PlayBook OS V2.1 Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-000780

Discussion

Without strong mutual authentication a mobile device may connect to an unauthorized network. In many cases, the user may falsely believe that the device is connected to an authorized network and then provide authentication credentials and other sensitive information. A strong bidirectional cryptographically based authentication method mitigates this risk.

Check Content

1. Navigate to "Options -> Security -> VPN".
2. Select the enterprise VPN Profile (Work VPN Profiles have a briefcase icon on the right hand side).
3. Verify "Authentication Type" is set to a bidirectional cryptographically based authentication, and greyed out. Otherwise, this is a finding.

Fix Text

On BlackBerry Device Service:
Create a VPN Profile with approved "Authentication Type" configured, and associate VPN Profile with IT Policy for the affected device.