Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-36168 | SRG-APP-015-MDM-165-MDM | SV-47572r1_rule | Medium |
Description |
---|
Encryption is critical for the protection of the remote access sessions. If the encryption is not being used for integrity, malicious users may gain the ability to modify the MDM server. The use of cryptography for integrity of remote access session to the MDM server mitigates that risk. |
STIG | Date |
---|---|
Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Check Text ( C-44409r1_chk ) |
---|
Review the MDM server configuration to ensure the MDM server can use cryptography to protect the integrity of remote access sessions with managed mobile devices. If remote access is not enabled this rule is N/A, and does not apply. If remote access is enabled, and this function is not present, this is a finding. |
Fix Text (F-40698r1_fix) |
---|
Configure the MDM server to use cryptography to protect the integrity of remote access sessions with managed mobile devices. |