The MAM server must scan the list of installed applications on managed mobile devices every 6 hours or less to determine if unapproved applications are installed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-32771 | WIR-WMS-MAM-05 | SV-43117r1_rule | ECAT-1 | High |
| Description |
|---|
| An unauthorized application could contain malware or be a malware application. |
| STIG | Date |
|---|---|
| Mobile Application Management (MAM) Server Security Technical Implementation Guide (STIG) | 2013-05-08 |
Details
| Check Text ( C-41105r8_chk ) |
|---|
| Note: For some implementations, this requirement may be accomplished by the MDM server rather than the MAM server. If that is the case for the system under review, perform the following procedure for the MDM server instead of the MAM server: -Verify the MAM server scans the list of installed applications on managed mobile devices on a predefined periodic basis (at least every 6 hours). The MAM server must be able to scan for both managed and unmanaged applications in both work and non-work environments on the device (if the device supports more than one environment). -Talk to the site system administrator and have them show these capabilities exist in the MAM server. Also, review MAM product documentation. Mark as a finding if the MAM server does not have required features. |
| Fix Text (F-36653r4_fix) |
|---|
| Use a MAM product that scans the list of installed applications on managed mobile devices on a predefined periodic basis. |