Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-82153 | M360-10-006300 | SV-96867r1_rule | Medium |
Description |
---|
Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. Since the MaaS360 MDM server has limited capability to store mobile device log files and perform analysis and reporting of mobile device log files, the MaaS360 MDM server must have the capability to transfer log files to an audit log management server. SFR ID: FMT_SMF.1.1(2) b FAU_STG_EXT.1.1(1) |
STIG | Date |
---|---|
IBM MaaS360 with Watson v10.x MDM Security Technical Implementation Guide | 2019-08-06 |
Check Text ( C-81955r1_chk ) |
---|
Verify the site has set up access to web services to extract server logs. If the site has not set up access to server logs so the logs can be stored on another server for analysis and reporting, this is a finding. |
Fix Text (F-89007r1_fix) |
---|
The site system administrator must communicate with IBM to get access to web services to extract server logs. |