The MAM server must install required applications on managed mobile devices.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32768 | WIR-WMS-MAM-02 | SV-43114r1_rule | DCPR-1 | Low |
| Description |
|---|
| Some required applications are used to implement required security controls, which affect the security baseline of the device. If the security baseline is not maintained, sensitive DoD data and the enclave could be at risk of being compromised because the security baseline of the device has been compromised. |
| STIG | Date |
|---|---|
| Mobile Application Management (MAM) Server Security Technical Implementation Guide (STIG) | 2013-05-08 |
Details
| Check Text ( C-41102r4_chk ) |
|---|
| Verify the MAM server can install required applications on managed mobile devices. The MAM should not install applications on the mobile device without user acceptance of the installation. Talk to the site system administrator and have them show this capability exists in the MAM server. Also, review MAM product documentation. Mark as a finding if the MAM server does not have required features. |
| Fix Text (F-36650r2_fix) |
|---|
| Use a MAM product that can install required applications on managed mobile devices and does not install applications on the mobile device without user acceptance of the installation. |