Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The MDM server must employ automated mechanisms to enforce access restrictions.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36031 | SRG-APP-129-MDM-026-SRV | SV-47420r1_rule | Medium |
| Description |
|---|
| When dealing with access restrictions pertaining to change control, it should be noted that, any changes to the hardware, software, and/or firmware components of the information system and/or application can potentially have significant effects on the overall security of the system. Any changes to the hardware, software, and/or firmware components of the MDM server can potentially have significant effects on the overall security of the system. Therefore, only qualified and authorized individuals should be allowed to obtain access to the MDM server components for the purposes of implementing any changes or upgrades. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44270r1_chk ) |
|---|
| Review the MDM server configuration to determine whether the system is employing automated mechanisms to enforce access restrictions. If the MDM server is not providing these access controls, this is a finding. |
| Fix Text (F-40561r1_fix) |
|---|
| Configure the MDM server to employ automated mechanisms to enforce access restrictions. |