UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The MAM server must take predefined actions if unapproved applications are found after a scan of managed mobile devices.


Overview

Finding ID Version Rule ID IA Controls Severity
V-34417 WIR-WMS-MAM-06 SV-45051r1_rule ECAT-1 High
Description
An unauthorized application could contain malware or be a malware application. If the malware is not removed in a timely manner, DoD data and the enclave could be at risk of being compromised because the security baseline of the device has been compromised.
STIG Date
Mobile Application Management (MAM) Server Security Technical Implementation Guide (STIG) 2013-05-08

Details

Check Text ( C-42428r2_chk )
Note: For some implementations, this requirement may be accomplished by the MDM server rather than the MAM server. If that is the case for the system under review, perform the following procedure for the MDM server:

-Verify the MAM server is configured so if a finding occurs during a scan, the server alerts the system administrator and disables or isolates unauthorized applications.

-Verify the MAM server has the capability to be configured by the system administrator to automatically delete unauthorized applications or wipe the mobile device after an unauthorized application is found. (These are optional settings that are recommended, but not required to be set by the system administrator.)

-Talk to the site system administrator and have them show these capabilities exist in the MAM server. Also, review MAM product documentation.

Mark as a finding if the MAM server does not have required features.
Fix Text (F-38462r1_fix)
Use a MAM product that takes predefined actions if unapproved applications are found on managed mobile devices after a scan.