The Good Mobility Suite email client must either block or convert all active content in email (HTML, RTF, etc.) to text before the email is forwarded to the mobile device.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-53097 | GOOD-00-000020 | SV-67313r1_rule | Low |
| Description |
|---|
| HTML code embedded in emails can contain links to malicious sites. Requiring that all emails are viewed in plain text helps remediate phishing attempts. |
| STIG | Date |
|---|---|
| Good for Enterprise 8.x Security Technical Implementation Guide | 2014-08-18 |
Details
| Check Text ( C-54601r1_chk ) |
|---|
| Review the Good Mobility Suite configuration to determine if the mobile email server/client either blocks or converts all active content in email (HTML, RTF, etc.) to text before the email is forwarded to the mobile device. Otherwise, this is a finding. |
| Fix Text (F-57907r1_fix) |
|---|
| Configure the Good Mobility Suite to either block or convert all active content in email (HTML, RTF, etc.) to text before the email is forwarded to the mobile device. Verify that the following registry entry exists on servers running the Good GMM/ Good Link Service [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GoodLinkServer\parameters\sync] "HtmlEmail"=0 |