Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The MDM server must require administrators to be authenticated with an individual authenticator prior to using a group authenticator.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36039 | SRG-APP-153-MDM-035-SRV | SV-47428r1_rule | High |
| Description |
|---|
| To assure individual accountability and prevent unauthorized access, MDM server administrators and users (and any processes acting on behalf of users) must be individually identified and authenticated. Without individual accountability, there can be no traceability back to an individual if there were a security incident on the system. In addition, group accounts can be shared with individuals who do not have authorized access. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44278r1_chk ) |
|---|
| Review the MDM server configuration to ensure the system is authenticating through the Enterprise Authentication Mechanism that performs individual authentication prior to performing group authentication. If the MDM server is not authenticating through the Enterprise Authentication Mechanism, this is a finding. |
| Fix Text (F-40569r1_fix) |
|---|
| Configure the MDM server to authenticate through the Enterprise Authentication Mechanism. |