The MDM server must notify, as required, appropriate individuals when administrator accounts are disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36080 | SRG-APP-293-MDM-080-SRV | SV-47471r1_rule | Medium |
| Description |
|---|
| Monitoring account disabling is critical to ensure a denial of service situation does not exist on the operating system. An unexpected account deletion can also be a sign that there is a rogue administrator account that may be deleting traces of activity. In order to facilitate the monitoring, the MDM server must notify designated personnel when an account is disabled. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44319r1_chk ) |
|---|
| Review the MDM server configuration to ensure the system is configured to notify appropriate individuals when administrator accounts are disabled. If the system is not configured to notify appropriate individuals when administrator accounts are disabled, this is a finding. |
| Fix Text (F-40610r1_fix) |
|---|
| Configure the MDM server to notify appropriate individuals when administrator accounts are disabled. |