The MDM server must authenticate devices before establishing remote network connections using bidirectional cryptographically based authentication between devices.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36155 | SRG-APP-159-MDM-154-MDM | SV-47559r1_rule | Medium |
| Description |
|---|
| Device authentication is a solution enabling an organization to manage devices. Without the authentication, there is risk of a rogue device being serviced by an MDM server. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44395r1_chk ) |
|---|
| Review the MDM server configuration to ensure the MDM server authenticates devices before establishing remote network connections using bidirectional cryptographically based authentication between devices. If this function is not performed, this is a finding. |
| Fix Text (F-40685r1_fix) |
|---|
| Configure the MDM server to authenticate devices before establishing remote network connections using bidirectional cryptographically based authentication between devices. |