UCF STIG Viewer Logo

AirWatch MDM STIG


Overview

Date Finding Count (29)
2015-11-30 CAT I (High): 6 CAT II (Med): 20 CAT III (Low): 3
STIG Description
Developed by AirWatch in coordination with DISA for the DoD.

Available Profiles



Findings (MAC II - Mission Support Public)

Finding ID Severity Title
V-47355 High The AirWatch MDM Server device integrity validation component must identify the affected mobile device, severity of the finding, and provide a recommended mitigation.
V-47349 High The AirWatch MDM Server must perform required actions when a security related alert is received.
V-47299 High The AirWatch MDM Server must implement separation of administrator duties by requiring a specific role be assigned to each administrator account.
V-47335 High The AirWatch MDM Server must be able to detect if the security policy has been modified, disabled, or bypassed on managed mobile devices.
V-47353 High The AirWatch MDM Server device integrity validation component must use automated mechanisms to alert security personnel when the device has been jailbroken or rooted.
V-63317 High AirWatch MDM server versions that are no longer supported by the vendor for security updates must not be installed on a system.
V-47321 Medium The AirWatch MDM Server must configure the mobile device to prohibit the mobile device user from installing unapproved applications.
V-47327 Medium The AirWatch MDM Server must configure the mobile device agent to prohibit the download of software from a DoD non-approved source (e.g., DoD operated mobile device application store or AirWatch MDM Server).
V-47325 Medium The AirWatch MDM Server must configure the mobile device agent to prohibit the download of software from a DoD non-approved source (e.g., DoD operated mobile device application store or AirWatch MDM Server).
V-47329 Medium The AirWatch MDM Server must configure the mobile device agent to prohibit the download of software from a DoD non-approved source (e.g., DoD operated mobile device application store or AirWatch MDM Server).
V-47309 Medium The AirWatch MDM Server must centralize the review and analysis of audit records from multiple components within the server.
V-47347 Medium The AirWatch MDM Server must notify when it detects unauthorized changes to security configuration of managed mobile devices.
V-47341 Medium The AirWatch MDM Server device integrity validation component must employ automated mechanisms to detect the presence of unauthorized software on managed mobile devices and notify designated organizational officials in accordance with the organization-defined frequency.
V-47343 Medium The AirWatch MDM Server must terminate the network connection associated with a communications session at the end of the session or after an organization-defined time period of inactivity.
V-47303 Medium The AirWatch MDM Server must support the transfer of audit logs to remote log or management servers.
V-47337 Medium The AirWatch MDM Server must employ automated mechanisms to respond to unauthorized changes to the security policy or AirWatch MDM Server agent on managed mobile devices.
V-47331 Medium The AirWatch MDM Server must provide the administrative functionality to specify a list of approved applications that must be installed on the mobile device and cannot be removed by the user.
V-47333 Medium The AirWatch MDM Server must provide the administrative functionality to specify a list of approved applications that must be installed on the mobile device and cannot be removed by the user.
V-47339 Medium The AirWatch MDM Server must uniquely identify mobile devices managed by the server prior to connecting to the device.
V-47357 Medium The AirWatch MDM Server device integrity validation component must base recommended mitigations for findings on the identified risk level of the finding.
V-47319 Medium The AirWatch MDM Server must configure the mobile device to prohibit the mobile device user from installing unapproved applications.
V-47351 Medium The AirWatch MDM Server device integrity validation component must include the capability to notify an organization-defined list of response personnel who are identified by name and/or by role notifications of suspicious events.
V-48041 Medium The AirWatch MDM Server must record an event in the audit log each time the server makes a security relevant configuration change on a managed mobile device.
V-47317 Medium The AirWatch MDM Server must be capable of scanning the hardware version of managed mobile devices and alert if unsupported versions are found.
V-47345 Medium The AirWatch MDM Server must ensure authentication of both mobile device AirWatch MDM Server agent and server during the entire session.
V-47359 Medium The AirWatch MDM Server must back up audit records on an organization-defined frequency onto a different system or media than the system being audited.
V-47301 Low If the AirWatch MDM Server includes a mobile email management capability, the email client must either block or convert all active content in email (HTML, RTF, etc.) to text before the email is forwarded to the mobile device.
V-47307 Low The AirWatch MDM Server must utilize the integration of audit review, analysis, and reporting processes by an organizations central audit management system to support organizational processes for investigation and response to suspicious activities.
V-47313 Low The AirWatch MDM Server must automatically process audit records for events of interest based upon selectable, event criteria.