Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The MDM server must configure the mobile device to prohibit the mobile device user from installing unapproved applications.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36148 | SRG-APP-135-MDM-148-MAM | SV-47552r1_rule | Medium |
| Description |
|---|
| The operating system must enforce software installation by users based upon what types of software installations are permitted (e.g., updates and security patches to existing software) and what types of installations are prohibited (e.g., software whose pedigree with regard to being potentially malicious is unknown or suspect) by the organization. The installation and execution of unauthorized software on an operating system may allow the application to obtain sensitive information or further compromise the system. Preventing a user from installing unapproved applications mitigates this risk. All OS core applications, third-party applications, and carrier installed applications must be approved. In this case, applications include any applets, browse channel apps, and icon apps. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44388r1_chk ) |
|---|
| Review the MDM server configuration to ensure the MDM server can configure the mobile device to prohibit the mobile device user from installing unapproved applications. If this function is not present, this is a finding. |
| Fix Text (F-40678r1_fix) |
|---|
| Configure the MDM server so the mobile device is configured to prohibit the mobile device user from installing unapproved applications. |