The host server where the MDM server components are installed must be hardened according to the appropriate Application and OS STIGs (Windows, SQL, Apache Web Server, Apache Tomcat, IIS, etc.).
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36030 | SRG-APP-999-MDM-028-SRV | SV-47419r1_rule | Medium |
| Description |
|---|
| The host server where the MDM server components are installed must be compliant with the Windows STIG and applicable application STIGs to ensure the system is not vulnerable to attack resulting in a Denial of Service or compromise of the MDM server environment. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44269r1_chk ) |
|---|
| Work with the OS Reviewer or check VMS for last review of each host server where a MDM server component is installed. This includes the host server for the MDM server, MAM, MDIS, and MEM servers. |
| Fix Text (F-40560r1_fix) |
|---|
| Conduct required STIG reviews of the OS and all installed applications on the host server. |