The MDM server must deploy operating system and application updates via over-the-air (OTA) provisioning for managed mobile devices.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36084 | SRG-APP-128-MDM-084-MAM | SV-47475r1_rule | Medium |
| Description |
|---|
| Without the MDM server capability to deploy operating systems and application updates OTA, it is possible for the mobile devices under the MDM server's control to be susceptible to a zero day attack. The ability to apply updates OTA allows for rapid response to patching. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44324r1_chk ) |
|---|
| Review the MDM server configuration to determine whether the system can deploy mobile operation system and application updates via an over-the-air (OTA) session. If the MDM server cannot be configured to send MOS and MAP updates OTA, this is a finding. |
| Fix Text (F-40614r1_fix) |
|---|
| Configure the MDM server to deploy MOS and MAP updates via an OTA session. |