The MDM server must enforce approved authorizations for logical access to the system in accordance with applicable policy.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36027 | SRG-APP-033-MDM-024-SRV | SV-47416r1_rule | High |
| Description |
|---|
| Strong access controls are critical to securing the MDM server. Access control policies (e.g., identity-based policies, role-based policies, attribute-based policies) and access enforcement mechanisms (e.g., access control lists, access control matrices, cryptography) must be employed by the MDM server when applicable to control access between users (or processes acting on behalf of users) and objects (e.g., devices, files, records, processes, programs, domains) in the MDM server. Without stringent logical access and authorization controls to the MDM server, an adversary may have the ability, with very little effort, to compromise the MDM server and associated supporting infrastructure. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44266r1_chk ) |
|---|
| Review the MDM server configuration to determine whether the system can enforce approved authorizations for logical access to the system in accordance with applicable policy. If the MDM server cannot provide these access controls, this is a finding. |
| Fix Text (F-40557r1_fix) |
|---|
| Configure the MDM server to enforce approved authorizations for logical access to the system in accordance with applicable policy. |