The MDM server device integrity validation component must use automated mechanisms to alert security personnel when the device has been jailbroken or rooted.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-36181	SRG-APP-237-MDM-175-MDIS	SV-47585r1_rule		High

Description
Successful incident response and auditing relies on timely, accurate system information and analysis in order to allow the organization to identify and respond to potential incidents in a proficient manner. The ability of an MDM server to detect "jailbreaking" or rooting of the device mitigates the potential for these breaches to have further consequences to the enterprise. Jailbroken/rooting refers to a mobile device where the security mechanisms of the hardware and OS of the device have been bypassed so the user has root access.

Description

Successful incident response and auditing relies on timely, accurate system information and analysis in order to allow the organization to identify and respond to potential incidents in a proficient manner. The ability of an MDM server to detect "jailbreaking" or rooting of the device mitigates the potential for these breaches to have further consequences to the enterprise. Jailbroken/rooting refers to a mobile device where the security mechanisms of the hardware and OS of the device have been bypassed so the user has root access.

STIG	Date
Mobile Device Manager Security Requirements Guide	2013-01-24

Details

Check Text ( C-44421r2_chk )
Review the MDM server configuration to ensure the MDM server device integrity validation component uses automated mechanisms to alert security personnel when the device has been "jailbroken" or rooted. If this function is not configured, this is a finding.

Fix Text (F-40711r2_fix)
Configure the MDM server device integrity validation component to use automated mechanisms to alert security personnel when the device has been "jailbroken" or rooted.