Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The MDM server must ensure authentication of both mobile device MDM server agent and server during the entire session.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36161 | SRG-APP-219-MDM-160-MDM | SV-47565r1_rule | Medium |
| Description |
|---|
| MDM server can be prone to man-in-the middle attacks. If communication sessions are not provided appropriate validity protections, such as the employment of SSL Mutual Authentication authenticity of the data cannot be guaranteed. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44401r1_chk ) |
|---|
| Review the MDM server configuration to ensure the MDM server ensures authentication of both mobile device MDM server agent and server during the entire session. If it does not, this is a finding. |
| Fix Text (F-40691r1_fix) |
|---|
| Configure the MDM server to authenticate both the mobile device MDM server agent and server during the entire session. |