UCF STIG Viewer Logo

The Good Mobility Suite server must configure the mobile device agent to prohibit the download of software from a non-DoD approved source.


Overview

Finding ID Version Rule ID IA Controls Severity
V-53053 GOOD-00-000520 SV-67269r1_rule Medium
Description
DoD can perform due diligence on sources of software to mitigate the risk that malicious software is introduced to those sources. Therefore, if software is downloaded from a DoD-approved source, then it is less likely to be malicious than if it is downloaded from an unapproved source. To prevent access to unapproved sources, the operating system, in most cases, can be configured to disable user access to public application stores.
STIG Date
Good for Enterprise 8.x Security Technical Implementation Guide 2014-08-18

Details

Check Text ( C-54557r1_chk )
Review the Good Mobility Suite server configuration to determine if the mobile device agent prohibits the download of software from a DoD non-approved source. Otherwise, this is a finding.
Fix Text (F-57863r2_fix)
Configure the Good Mobility Suite mobile device agent to prohibit the download of software from a DoD non-approved source.

-Launch the Good Mobile Control Web console and click on the Policies tab
-Select the policy set for the smart phone
-On the left tab, select iOS Configuration and select the Restrictions Tab
-Verify Allow installing apps is unchecked