UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The MDIS server must employ automated mechanisms to detect the presence of unauthorized software on managed mobile devices.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32750 WIR-WMS-MDIS-03 SV-43096r1_rule ECAT-1 High
Description
Detection of possible compromise of a DoD mobile device is a key security control to insure the compromise does not result in the exposure of sensitive DoD data or lead to a successful attack on the DoD network. Automated methods are the only viable way to scan and report on more than a handful of managed devices.
STIG Date
Mobile Device Integrity Scanning (MDIS) Server Security Technical Implementation Guide (STIG) 2013-01-17

Details

Check Text ( C-41083r12_chk )
Verify the MDIS server implements automated mechanisms to detect the presence of unauthorized software on managed mobile devices. Talk to the site system administrator and have them show this capability exists in the MDIS server and is enabled. Also, review MDIS product documentation.

Mark as a finding if the MDIS server does not have required features.
Fix Text (F-36631r9_fix)
Use an MDIS product that provides automated mechanisms to detect the presence of unauthorized software on managed mobile devices.