
The MDM server must disable network access by unauthorized server components or notify designated organizational officials.


Overview

Finding ID: V-36034
Version: SRG-APP-228-MDM-030-SRV
Rule ID: SV-47423r1_rule
IA Controls: (none listed)
Severity: Medium
Description
Maintaining system and network integrity requires that all systems on the network be identified and accounted for. Without an accurate accounting of systems utilizing the network, the opportunity exists for the introduction of rogue systems. The significance of this manner of security compromise increases exponentially over time and could become a persistent threat. Therefore, organizations must employ automated mechanisms to detect the addition of unauthorized devices. Eliminating unauthorized access to the network is vital to maintaining a secured network. For an MDM server, this accounting extends to the allowance of specific mobile devices to access the network via the MDM server.
STIG Date
Mobile Device Manager Security Requirements Guide 2013-01-24

Details

Check Text (C-44273r1_chk)
Review the MDM server configuration to determine how the system needs to be configured to disable access by unauthorized components. If the MDM server is not configured to restrict access to authorized components or does not notify designated organizational officials, this is a finding.
Fix Text (F-40564r1_fix)
Configure the MDM server to disable network access by unauthorized server components. Notifying a designated organization official of access being granted to a component is also sufficient.