Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-53045 | GOOD-00-000560 | SV-67261r1_rule | Medium |
Description |
---|
Cryptography is only as strong as the encryption modules/algorithms that are employed to encrypt the data. Strong encryption must be used to protect the integrity and confidentiality of the data. In this case, S/MIME is the required mechanism for encryption of email. |
STIG | Date |
---|---|
Good for Enterprise 8.x Security Technical Implementation Guide | 2014-08-18 |
Check Text ( C-54549r1_chk ) |
---|
Review the Good Mobility Suite server configuration to verify the mobile email client provides S/MIME v3 (or later version) encryption of email. Otherwise, this is a finding. |
Fix Text (F-57855r2_fix) |
---|
Configure the Good Mobility Suite server to provide S/MIME v3 (or later version) encryption of email. -Launch the Good Mobile Control Web console and click on the Settings tab -On the left side, select Secure Messaging (S/MIME) -Verify Enable Secure Messaging (S/MIME) is checked and the LDAP and OCSP URL values are configured properly -Click on Save and proceed to the Policies tab -Select the policy set for the smart phone and select Good For Enterprise Authentication -Verify Enable S/MIME is checked Optional: To enable CAC/PIV (hard token), ensure Good Vault is selected; otherwise, soft token will be the default. |