UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The MDM server must prevent the installation of applications that are not digitally signed with an organizationally accepted private key.


Overview

Finding ID Version Rule ID IA Controls Severity
V-36085 SRG-APP-131-MDM-085-MDM SV-47476r1_rule High
Description
Any additions of applications can potentially have significant effects on the overall security of the system. Digital signatures on code provide assurance that the code comes from a known source and has not been modified. This feature is a key malware control on mobile devices.
STIG Date
Mobile Device Manager Security Requirements Guide 2013-01-24

Details

Check Text ( C-44325r1_chk )
Review the MDM server configuration to determine whether the system prevents the installation of applications that are not digitally signed with an organizationally accepted private key. If the system does not prevent the installation of applications that are not digitally signed with an organizationally accepted private key, this is a finding.
Fix Text (F-40615r1_fix)
Configure the MDM server to prevent the installation of applications that are not digitally signed with an organizationally accepted private key.