UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Good Mobility Suite Server (Android OS) Security Technical Implementation Guide


Overview

Date Finding Count (32)
2011-12-14 CAT I (High): 4 CAT II (Med): 18 CAT III (Low): 10
STIG Description
This STIG provides technical security controls required for the use of the Good Mobility Suite with Android 2.2 (Dell version) mobile operating system devices in the DoD environment.

Available Profiles



Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-24974 High The smartphone management server email system must be set up with the required system components in the required network architecture.
V-24975 High The smartphone management server host-based or appliance firewall must be installed and configured as required.
V-24976 High Security controls must be implemented on the smartphone management server for connections to back-office servers and applications.
V-26564 High Authentication on system administration accounts for wireless management servers must be configured.
V-25004 Medium A compliance rule must be setup in the server implementing jailbreak or rooting detection on smartphones.
V-25032 Medium Password access to the Good app on the smartphone must be enabled.
V-24994 Medium Inactivity lock must be set as required for the smartphone security/email client.
V-24995 Medium "Do not allow data to be copied from the Good application" must be checked.
V-24998 Medium The Over-The-Air (OTA) device provisioning PIN must have expiration set.
V-24992 Medium Maximum invalid password attempts must be set as required for the smartphone security/email client.
V-24993 Medium Data must be wiped after maximum password attempts reached for the smartphone security/email client.
V-24990 Medium Password minimum length must be set as required for the smartphone security/email client.
V-26729 Medium "Do not allow data to be copied into the Good application" must be checked in the Good security policy for the handheld.
V-26152 Medium S/MIME must be enabled on the Good server.
V-26135 Medium Password complexity must be set as required.
V-24972 Medium The required smartphone management server or later version must be used.
V-24973 Medium The host server where the smartphone management server is installed must be hardened according to the appropriate Application STIG (SQL, Apache Web Server, Apache Tomcat, IIS, etc.).
V-24978 Medium Smartphone user accounts must not be assigned to the default security/IT policy.
V-26561 Medium “Require CAC to be present” must be set.
V-26560 Medium Either CAC or password authentication must be enabled for user access to the Good app on the smartphone.
V-26562 Medium “Require both letters and numbers” must be set as required for the smartphone security/email client.
V-26563 Medium “Do not allow sequential numbers” must be set as required for the smartphone security/email client.
V-25002 Low A compliance rule must be set up in the server defining required smartphone hardware versions.
V-25030 Low If access is enabled to the Good app contacts lists by the smartphone, the list of contact information must be limited.
V-24999 Low OTA Provisioning PIN reuse must not be allowed.
V-24991 Low Repeated password characters must be disallowed for the Good app.
V-26728 Low A compliance rule must be set up on the server defining required Good client versions.
V-24977 Low The smartphone management server must be configured to control HTML and RTF formatted email.
V-25754 Low The PKI digital certificate installed on the wireless email management server must be a DoD PKI-issued certificate.
V-24989 Low Previously used passwords must be disallowed for security/email client on smartphone.
V-24988 Low Handheld password must be set as required.
V-24987 Low “Re-challenge for CAC PIN every” must be set.