Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-53043 | GOOD-00-000570 | SV-67259r1_rule | Low |
Description |
---|
Cryptography is only as strong as the encryption modules/algorithms that are employed to encrypt the data. Strong encryption must be used to protect the integrity and confidentiality of the data. In this case, the CAC is the required mechanism for that protection. |
STIG | Date |
---|---|
Good for Enterprise 8.x Security Technical Implementation Guide | 2014-08-18 |
Check Text ( C-54547r1_chk ) |
---|
Review the Good Mobility Suite server configuration to verify the mobile email client S/MIME feature is fully interoperable with DoD PKI and CAC/PIV. CAC/PIV (hard token) and PKCS#12 (soft token) certificate stores must be supported. Otherwise, this is a finding. |
Fix Text (F-57853r2_fix) |
---|
Configure the Good Mobility Suite email client to utilize DoD PKI and CAC/PIV. -Launch the Good Mobile Control Web console and click on the Policies tab -Select the policy set for the smart phone and select Good For Enterprise Authentication -Verify Enable S/MIME is checked Optional: To enable CAC/PIV (hard token), ensure Good Vault is selected; otherwise, soft token will be the default. |