If the BlackBerry Presence service is installed on the BlackBerry Enterprise Mobility Server (BEMS), it must be configured with the whitelisting control to limit presence subscriptions to only single domain/tenant.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| low | V-254731 | SRG-APP-000516-AS-000237 | BEMS-03-015000 | SV-254731r879887_rule | 2023-05-17 | 1 |
| Description |
|---|
| Whitelisting in Presence subscriptions is used to control which internal and federated environments can be subscribed to. Presence subscriptions should be limited to only DOD environments to control who has access to presence information on DOD users. This is an operational security (OPSEC) issue. |
| ℹ️ Check |
|---|
| This requirement is not applicable if the Presence service is not enabled on BEMS. Verify that Domain whitelisting has been configured. 1. Under the BlackBerry Service Configuration select "Presence". 2. Select "Settings". 3. Confirm "Enable domain whitelisting" has been checked. If "Enable domain whitelisting" is not selected, this is a finding. |
| ✔️ Fix |
|---|
| Configure Domain Whitelisting for the Presence service. 1. Under the BlackBerry Service Configuration select "Presence". 2. Select "Settings". 3. Confirm "Enable domain whitelisting" has been checked. 4. Click the plus sign and add the domain to whitelist. |