UCF STIG Viewer Logo

The MDM server device integrity validation component must include the capability to notify an organization defined list of response personnel who are identified by name and/or by role notifications of suspicious events.


Overview

Finding ID Version Rule ID IA Controls Severity
V-36179 SRG-APP-286-MDM-174-MDIS SV-47583r1_rule High
Description
Integrity checking applications are by their nature designed to monitor and detect defined events occurring on the system. When the integrity checking mechanism finds an anomaly, it must notify personnel in order to ensure the proper action is taken based upon the integrity issues found. If notification is not performed, the issue may continue or worsen to allow intruders into the system.
STIG Date
Mobile Device Manager Security Requirements Guide 2013-01-24

Details

Check Text ( C-44419r1_chk )
Review the MDM server configuration to ensure the MDM server device integrity validation component includes the capability to notify an organization defined list of response personnel who are identified by name and/or by role notifications of suspicious events. If this function is not configured, this is a finding.
Fix Text (F-40709r1_fix)
Configure the MDM server device integrity validation component to provide the capability to notify an organization defined list of response personnel who are identified by name and/or by role notifications of suspicious events.