Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-58933 | MSWP-81-100303 | SV-73363r1_rule | Medium |
Description |
---|
Forcing all applications to be installed from authorized application repositories can prevent unauthorized and malicious applications from being installed and executed on mobile devices. Allowing such installations and executions could cause a compromise of DoD data accessible by these unauthorized/malicious applications. SFR ID: FMT_SMF.1.1 #10 |
STIG | Date |
---|---|
Microsoft Windows Phone 8.1 Security Technical Implementation Guide | 2015-03-26 |
Check Text ( C-59761r2_chk ) |
---|
This validation procedure is performed on both the MDM administration console and the Windows Phone mobile device. On the MDM administration console: 1. Display the policy that restricts the use of a Store application. 2. Verify that this policy is set to be disabled. On Windows Phone: 1. From the Start page or on the Applications page (swipe to the left from the Start page), find the Store application icon. NOTE: The Store icon should appear dim. 2. Tap on the Store app to attempt to launch it. A message should be displayed: "App disabled. This app has been disabled by company policy. Contact your company's support person for help." If the MDM does not have a policy that disables the Store application, or if the Windows Store app can be successfully launched, this is a finding. |
Fix Text (F-64325r1_fix) |
---|
Configure an application control policy using an MDM for Windows Phone 8.1 to disable the Store application. Deploy the policy to managed devices. |