The MDM server must uniquely identify mobile devices managed by the server prior to connecting to the device.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-36154	SRG-APP-158-MDM-153-MDM	SV-47558r1_rule		Medium

Description
When managed mobile devices connect to the MDM server the security policy and possible sensitive DoD data will be pushed to the device. In addition, the device may be provided access to application and web servers on the DoD network. Therefore, strong authentication of the user on the device is required to ensure sensitive DoD data is not exposed and unauthorized access to the DoD network is not granted, exposing the network to malware and attack.

Description

When managed mobile devices connect to the MDM server the security policy and possible sensitive DoD data will be pushed to the device. In addition, the device may be provided access to application and web servers on the DoD network. Therefore, strong authentication of the user on the device is required to ensure sensitive DoD data is not exposed and unauthorized access to the DoD network is not granted, exposing the network to malware and attack.

STIG	Date
Mobile Device Manager Security Requirements Guide	2013-01-24

Details

Check Text ( C-44394r1_chk )
Review the MDM server configuration to ensure the MDM server can uniquely identify mobile devices managed by the server prior to connecting to the device. If this function is not present, this is a finding.

Fix Text (F-40684r1_fix)
Configure the MDM server to uniquely identify mobile devices managed by the server prior to connecting to the device.