Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Authentication on system administration accounts for mobile management servers must be configured to support CTO 07-15 Rev 1 requirements.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-26564 | WIR-WMS-GD-011 | SV-33591r2_rule | IAIA-1 IATS-1 | High |
| Description |
|---|
| CTO 07-15 Rev 1 requires administrator accounts use either CAC authentication or use complex passwords to ensure strong access control is enforced. This is best enforced by requiring the server support AD authentication. |
| STIG | Date |
|---|---|
| Mobile Device Management (MDM) Server Security Technical Implementation Guide (STIG) | 2013-01-17 |
Details
| Check Text ( C-34053r4_chk ) |
|---|
| Review the admin accounts settings on the mobile management server to verify CTO 07-15 Rev 1 required authentication is enabled for admin accounts. The check procedure will depend on the mobile management server product used. Mark as a finding if site admin accounts do not meet the requirements. |
| Fix Text (F-29731r2_fix) |
|---|
| Configure required authentication on system administration accounts for mobile management servers. |