The MDM server device integrity validation component must employ automated mechanisms to detect the presence of unauthorized software on managed mobile devices and notify designated organizational officials in accordance with the organization defined frequency.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-36172	SRG-APP-189-MDM-168-MDIS	SV-47576r1_rule		High

Description
Unauthorized software poses a risk to the device because it could potentially perform malicious functions, including but not limited to gathering sensitive information, searching for other system vulnerabilities, or modifying log entries. A mechanism to detect unauthorized software and notify officials of its presence assists in the task of removing such software to eliminate the risks it poses to the device and the networks to which the device attaches.

Description

Unauthorized software poses a risk to the device because it could potentially perform malicious functions, including but not limited to gathering sensitive information, searching for other system vulnerabilities, or modifying log entries. A mechanism to detect unauthorized software and notify officials of its presence assists in the task of removing such software to eliminate the risks it poses to the device and the networks to which the device attaches.

STIG	Date
Mobile Device Manager Security Requirements Guide	2013-01-24

Details

Check Text ( C-44412r1_chk )
Review the MDM server configuration to ensure the MDM server device integrity validation component can detect the presence of unauthorized software on managed mobile devices and notify designated organizational officials. If this function is not present, this is a finding.

Fix Text (F-40702r1_fix)
Configure the MDM server device integrity validation component to detect and report the presence of unauthorized software.