The Good Mobility Suite email client must set the Smart Card or Certificate Store Password caching timeout period to 120 minutes.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-53041 | GOOD-00-000580 | SV-67257r1_rule | Medium |
| Description |
|---|
| Cryptography is only as strong as the encryption modules/algorithms that are employed to encrypt the data. Strong encryption must be used to protect the integrity and confidentiality of the data. In this case, the requirement states that Smart Card/Certificate Store password caching must time out. |
| STIG | Date |
|---|---|
| Good for Enterprise 8.x Security Technical Implementation Guide | 2014-08-18 |
Details
| Check Text ( C-54545r1_chk ) |
|---|
| Review the Good Mobility Suite server configuration to verify the mobile email client sets the Smart Card or Certificate Store Password caching timeout period to 120 minutes. Otherwise, this is a finding. |
| Fix Text (F-57851r2_fix) |
|---|
| Configure the Good Mobility Suite to set the Smart Card or Certificate Store Password caching timeout period to 120 minutes. -Launch the Good Mobile Control Web console and click on the Policies tab -Select the policy set for the smart phone and select Good For Enterprise Authentication -Verify Re-challenge for password every is checked and set to 120 minutes |