UCF STIG Viewer Logo

MDM Server Policy Security Technical Implementation Guide (STIG)


Date Finding Count (6)
2019-05-17 CAT I (High): 1 CAT II (Med): 1 CAT III (Low): 4
STIG Description
This STIG contains the policy, training, and operating procedure security controls for the use of MDM servers in the DoD environment. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles

Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-24957 High If a data spill (Classified Message Incident (CMI)) occurs on a mobile device, the site must follow required data spill procedures.
V-24955 Medium Publish data spill procedures for mobile devices
V-24970 Low The mobile device management (MDM) server administrator must receive required training.
V-24962 Low The site Incident Response Plan or other procedure must include procedures to follow when a mobile operating system (OS) based mobile device is reported lost or stolen.
V-24969 Low Required actions must be followed at the site when a mobile device has been lost or stolen.
V-28313 Low MDM server administrator training must be renewed annually.