Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The MDM server must maintain the binding of digital credentials to information with sufficient assurance that the information/credential association can be used as the basis for automated policy actions.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36266 | SRG-APP-011-MDM-238-SRV | SV-47670r1_rule | High |
| Description |
|---|
| Without the assurance of credential association with the information, policy decisions based on that association become faulty and potentially allow for authorization decisions that are applied incorrectly. Sufficient assurance: assurance that the digital credential has not been removed, replaced or modified. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44506r1_chk ) |
|---|
| Review system documentation to determine whether the MDM server maintains the binding of digital credentials to information with sufficient assurance that the information/credential association can be used as the basis for automated policy actions. If these bindings are not maintained, this is a finding. |
| Fix Text (F-40796r1_fix) |
|---|
| Configure the MDM server to maintain the binding of digital credentials to information with sufficient assurance that the information/credential association can be used as the basis for automated policy actions. |