DISA STIGS Viewer

If the BlackBerry Presence service is installed on the BlackBerry Enterprise Mobility Server (BEMS), it must be configured with the whitelisting control to limit presence subscriptions to only single domain/tenant.

Overview

Finding ID Version Rule ID IA Controls Severity
V-254731 BEMS-03-015000 SV-254731r879887_rule   Low
Description
Whitelisting in Presence subscriptions is used to control which internal and federated environments can be subscribed to. Presence subscriptions should be limited to only DOD environments to control who has access to presence information on DOD users. This is an operational security (OPSEC) issue.
STIG Date
BlackBerry Enterprise Mobility Server 3.x Security Technical Implementation Guide 2023-05-17

Details

Check Text (C-58342r861916_chk)
This requirement is not applicable if the Presence service is not enabled on BEMS.

Verify that Domain whitelisting has been configured.

1. Under the BlackBerry Service Configuration select "Presence".
2. Select "Settings".
3. Confirm "Enable domain whitelisting" has been checked.

If "Enable domain whitelisting" is not selected, this is a finding.
Fix Text (F-58288r861917_fix)
Configure Domain Whitelisting for the Presence service.

1. Under the BlackBerry Service Configuration select "Presence".
2. Select "Settings".
3. Confirm "Enable domain whitelisting" has been checked.
4. Click the plus sign and add the domain to whitelist.