The Good Mobility Suite server must specify a list of approved applications that must be installed on the mobile device and cannot be removed by the user.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-53051	GOOD-00-000530	SV-67267r1_rule		Medium

Description
DoD can perform due diligence on sources of software to mitigate the risk that malicious software is introduced to those sources. Therefore, if software is downloaded from a DoD-approved source, then it is less likely to be malicious than if it is downloaded from an unapproved source. To prevent access to unapproved sources, the operating system, in most cases, can be configured to disable user access to public application stores. In some cases, some applications are required for secure operation of the mobile devices controlled by the Good Mobility Suite. In these cases, the ability for users to remove the application is needed to ensure proper secure operations of the device.

Description

DoD can perform due diligence on sources of software to mitigate the risk that malicious software is introduced to those sources. Therefore, if software is downloaded from a DoD-approved source, then it is less likely to be malicious than if it is downloaded from an unapproved source. To prevent access to unapproved sources, the operating system, in most cases, can be configured to disable user access to public application stores. In some cases, some applications are required for secure operation of the mobile devices controlled by the Good Mobility Suite. In these cases, the ability for users to remove the application is needed to ensure proper secure operations of the device.

STIG	Date
Good for Enterprise 8.x Security Technical Implementation Guide	2014-08-18

Details

Check Text ( C-54555r1_chk )
Review the Good Mobility Suite server configuration to determine whether there is a list of approved applications that must be installed on the mobile device and cannot be removed by the user. Otherwise, this is a finding.

Fix Text (F-57861r2_fix)
Configure the Good Mobility Suite to specify a list of approved applications that must be installed on the mobile device and cannot be removed by the user. -Launch the Good Mobile Control Web console and click on the Policies tab -Select the policy set for the smart phone and select the Application Management tab -Verify Required applications have been assigned under Enterprise Applications and are marked as Managed under the 'Type' field -Click Save

Fix Text (F-57861r2_fix)

Configure the Good Mobility Suite to specify a list of approved applications that must be installed on the mobile device and cannot be removed by the user.

-Launch the Good Mobile Control Web console and click on the Policies tab
-Select the policy set for the smart phone and select the Application Management tab
-Verify Required applications have been assigned under Enterprise Applications and are marked as Managed under the 'Type' field
-Click Save