Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The MDM server must automatically audit administrator account disabling actions.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36070 | SRG-APP-028-MDM-070-SRV | SV-47461r1_rule | Medium |
| Description |
|---|
| When accounts are disabled, user accessibility is affected. Accounts are utilized for identifying individual application users or for identifying processes themselves. In order to detect and respond to events the MDM server must audit account disabling actions and, as required, notify the appropriate individuals, so they can investigate the event. Such a capability greatly reduces the risk that accessibility will be negatively affected for extended periods of time and provides logging that can be used for forensic purposes. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44309r1_chk ) |
|---|
| Review the MDM server configuration to determine whether the system is configured to automatically audit administrator account disabling actions. If this is not configured, this is a finding. |
| Fix Text (F-40600r1_fix) |
|---|
| Configure the MDM server to automatically audit administrator account disabling actions. |