UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Individual user accounts with passwords must be maintained for the Hardware Management Console operating system and application.


Overview

Finding ID Version Rule ID IA Controls Severity
V-24355 HMC0100 SV-30023r1_rule IAIA-1 IAIA-2 Medium
Description
Without identification and authentication, unauthorized users could reconfigure the Hardware Management Console or disrupt its operation by logging in to the system or application and execute unauthorized commands. The System Administrator will ensure individual user accounts with passwords are set up and maintained for the Hardware Management Console.
STIG Date
IBM HARDWARE MANAGEMENT CONSOLE (HMC) STIG 2014-04-10

Details

Check Text ( C-29861r1_chk )
Have the System Administrator prove that individual USER IDs are specified for each user and DD2875 are on file for each user.

If USERIDs are shared among multiple users and crresponding DD2875 forms do not exist for each user, then this is a FINDING.
Fix Text (F-26745r1_fix)
Have the System Administrator verify that all users of the Hardware Management Console are individually defined with USER IDs and passwords and that their roles and responsibilities are documented. Verify that a DD2875 exists for each USER ID.