The MDM server must prevent the installation of applications that are not digitally signed with an organizationally accepted private key.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36085 | SRG-APP-131-MDM-085-MDM | SV-47476r1_rule | High |
| Description |
|---|
| Any additions of applications can potentially have significant effects on the overall security of the system. Digital signatures on code provide assurance that the code comes from a known source and has not been modified. This feature is a key malware control on mobile devices. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44325r1_chk ) |
|---|
| Review the MDM server configuration to determine whether the system prevents the installation of applications that are not digitally signed with an organizationally accepted private key. If the system does not prevent the installation of applications that are not digitally signed with an organizationally accepted private key, this is a finding. |
| Fix Text (F-40615r1_fix) |
|---|
| Configure the MDM server to prevent the installation of applications that are not digitally signed with an organizationally accepted private key. |