UCF STIG Viewer Logo

The MDM server must automatically audit on administrator account creation.


Overview

Finding ID Version Rule ID IA Controls Severity
V-36270 SRG-APP-026-MDM-240-SRV SV-47674r1_rule Medium
Description
Auditing of account creation is a method and best practice for mitigating the risk of an attacker creating a persistent method of re-establishing access. A comprehensive account management process will ensure an audit trail which documents the creation of accounts and, if required, notifies administrators. Such a process greatly reduces the risk of accounts being created outside the normal approval process and provides logging that can be used for forensic purposes. Additionally, the audit records of account creation can be compared to the known approved account creation list.
STIG Date
Mobile Device Manager Security Requirements Guide 2013-01-24

Details

Check Text ( C-44509r1_chk )
Review MDM server documentation and audit configuration to verify the MDM server creates an audit record automatically on administrator account creation. If MDM server does not create an audit record automatically on administrator account creation, this is a finding.
Fix Text (F-40799r1_fix)
Configure the MDM server to create an audit record automatically on administrator account creation.