“Require CAC to be present” must be set.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-26561 | WIR-GMMS-003 | SV-33569r2_rule | IAIA-1 | Medium |
| Description |
|---|
| Sensitive DoD data is saved inside the security container app and could be exposed if strong authentication is not implemented. The security container stores sensitive DoD information. A hacker with access to the smartphone could easily gain access to the Good application if the required authentication control is not set. |
| STIG | Date |
|---|---|
| Mobile Device Management (MDM) Server Security Technical Implementation Guide (STIG) | 2013-01-17 |
Details
| Check Text ( C-34029r3_chk ) |
|---|
| This check is valid only with the Good Technology MDM server. It is Not Applicable (NA) for all other MDM servers. 1. Make a list of all iOS security policies listed on the MDM server that have been assigned to iOS devices and review each policy. 2. Select each policy set users are assigned to and, in turn, verify the required settings are in the policy set. - If “Authenticate with CAC PIN” is checked (CAC authentication is required) verify “Require CAC to be present” is also checked. Note: if “Authenticate with CAC PIN” is not checked, then “Require CAC to be present” does not need to be checked. Mark as a finding if the authentication setting is not set as required. -Note: If there is a finding, note the name of the policy set in the Findings Details section in VMS/Component Provided Tracking Database. |
| Fix Text (F-29713r1_fix) |
|---|
| Set “Require CAC to be present” to required value. |