• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: [Fed-Talk] When did Fed-Talk turn into iPhone/iOS Chat Box
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fed-Talk] When did Fed-Talk turn into iPhone/iOS Chat Box

  • Subject: Re: [Fed-Talk] When did Fed-Talk turn into iPhone/iOS Chat Box
  • From: "Rose, Scott W." <email@hidden>
  • Date: Thu, 27 Sep 2012 14:32:23 -0400
Not sure if a special review was done, but here (NIST), our CIO group has decided to treat them similar to Blackberries (which they replace most of the time) - so the same agency produced security plan (which addresses the appropriate FISMA controls from NIST SP 800-53) applies to them.  I'm not a FISMA expert, so if you talk to an agency CISO or auditor you'll probably get the gritty details that apply.  From my experience, it's basic stuff like patching, encryption, PII policy, etc.  I don't have an agency owned device so I don't know how they handle iCloud or Apple accounts - i.e. if it is a personal account or an agency account.  I do know the policy is to not install personally purchased apps on the device.

The logic was that iPhones are smartphones like Blackberries, and iPads with cellular connectivity are similar as well (minus the voice capability).  iPads without cellular connectivity are considered similar to laptops (i.e. WiFi).  

Scott

On Sep 27, 2012, at 2:18 PM, Todd Heberlein wrote:


On Sep 27, 2012, at 10:59 AM, "Rose, Scott W." <email@hidden> wrote:

The FISMA process defines systems that can be multiple physical machines, not by individual classifications of devices.  So depending on how the iPad/iPhone is used, it could be part of a system that falls under FISMA.

The usual shorthand is if the device "possesses or processes Federal information" then it would be part of a FISMA defined system.  Not always, but it depends on how the device is used.

OK. Let me rephrase the question. When an iPhone/iPad is used to process Federal information, have people looked at how the relevant NIST documents apply?

Todd



===================================
Scott Rose
NIST
email@hidden
+1 301-975-8439
Google Voice: +1 571-249-3671
http://www.dnsops.gov/
===================================
 

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >[Fed-Talk] When did Fed-Talk turn into iPhone/iOS Chat Box (From: "Sullivan, Matthew R CIV (US)" <email@hidden>)
 >Re: [Fed-Talk] When did Fed-Talk turn into iPhone/iOS Chat Box (From: "Villano, Paul Mr CIV USA TRADOC" <email@hidden>)
 >Re: [Fed-Talk] When did Fed-Talk turn into iPhone/iOS Chat Box (From: Todd Heberlein <email@hidden>)
 >Re: [Fed-Talk] When did Fed-Talk turn into iPhone/iOS Chat Box (From: "Rose, Scott W." <email@hidden>)
 >Re: [Fed-Talk] When did Fed-Talk turn into iPhone/iOS Chat Box (From: Todd Heberlein <email@hidden>)

  • Prev by Date: Re: [Fed-Talk] When did Fed-Talk turn into iPhone/iOS Chat Box
  • Next by Date: Re: [Fed-Talk] Software Updates in Mountain Lion?
  • Previous by thread: Re: [Fed-Talk] When did Fed-Talk turn into iPhone/iOS Chat Box
  • Next by thread: Re: [Fed-Talk] When did Fed-Talk turn into iPhone/iOS Chat Box
  • Index(es):
    • Date
    • Thread