UCF STIG Viewer Logo

The MDM server must use cryptography to protect the integrity of remote access sessions with managed mobile devices.


Overview

Finding ID Version Rule ID IA Controls Severity
V-36168 SRG-APP-015-MDM-165-MDM SV-47572r1_rule Medium
Description
Encryption is critical for the protection of the remote access sessions. If the encryption is not being used for integrity, malicious users may gain the ability to modify the MDM server. The use of cryptography for integrity of remote access session to the MDM server mitigates that risk.
STIG Date
Mobile Device Manager Security Requirements Guide 2013-01-24

Details

Check Text ( C-44409r1_chk )
Review the MDM server configuration to ensure the MDM server can use cryptography to protect the integrity of remote access sessions with managed mobile devices. If remote access is not enabled this rule is N/A, and does not apply. If remote access is enabled, and this function is not present, this is a finding.
Fix Text (F-40698r1_fix)
Configure the MDM server to use cryptography to protect the integrity of remote access sessions with managed mobile devices.