The MDM server must have the ability to retain a session lock remaining in effect until the user re-authenticates using established identification and authentication procedures.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36016 | SRG-APP-005-MDM-011-SRV | SV-47405r1_rule | High |
| Description |
|---|
| If the MDM server does not support a lock feature, then anyone who gains access to the application may be able to access sensitive DoD information or perform other authorized functions. The lock features mitigates the risk of unauthorized access. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44255r1_chk ) |
|---|
| Review the MDM server configuration to determine whether a lock feature is configured. If a lock feature is not configured, this is a finding. |
| Fix Text (F-40546r1_fix) |
|---|
| Configure the MDM server to retain a session lock remaining in effect until the user re-authenticates using established identification and authentication procedures. |