Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-26564 | WIR-WMS-GD-011 | SV-33591r2_rule | IAIA-1 IATS-1 | High |
Description |
---|
CTO 07-15 Rev 1 requires administrator accounts use either CAC authentication or use complex passwords to ensure strong access control is enforced. This is best enforced by requiring the server support AD authentication. |
STIG | Date |
---|---|
Mobile Device Management (MDM) Server Security Technical Implementation Guide (STIG) | 2013-05-08 |
Check Text ( C-34053r4_chk ) |
---|
Review the admin accounts settings on the mobile management server to verify CTO 07-15 Rev 1 required authentication is enabled for admin accounts. The check procedure will depend on the mobile management server product used. Mark as a finding if site admin accounts do not meet the requirements. |
Fix Text (F-29731r2_fix) |
---|
Configure required authentication on system administration accounts for mobile management servers. |