UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The MAM server must manage a list of authorized applications (white list) by device account and by group account.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32769 WIR-WMS-MAM-03 SV-43115r1_rule DCPR-1 High
Description
Application white list enforcement ensures only authorized applications are installed on managed mobile devices. An unauthorized application could contain malware. In addition, the white list feature ensures malware from an email attachment or from a web site has not been installed on the device.
STIG Date
Mobile Application Management (MAM) Server Security Technical Implementation Guide (STIG) 2013-01-17

Details

Check Text ( C-41103r7_chk )
Verify the MAM server can manage a list of authorized applications (white list) by device account and by group account. Talk to the site system administrator and have them show this capability exists in the MAM server. Also, review MAM product documentation.

Mark as a finding if the MAM server does not have required features and is not configured as required.
Fix Text (F-36651r5_fix)
Use a MAM product that can manage a list of authorized applications (white list) by device account and by group account.