
The MDM server must audit any use of privileged accounts, or roles, with access to organization defined security functions or security relevant information, when accessing other system functions.


Overview

Finding ID: V-36271
Version: SRG-APP-063-MDM-241-SRV
Rule ID: SV-47675r1_rule
IA Controls: (none listed)
Severity: Medium
Description
This requirement is intended to address those situations where an access control policy, such as Role Based Access Control (RBAC), is being implemented and where a change of role provides the same degree of assurance in the change of access authorizations for both the user and all processes acting on behalf of the user as would be provided by a change between a privileged and non-privileged account. An audit trail pertaining to the access of security functions or security relevant information is imperative for forensic analysis in the event a non-privileged account becomes a part of a role it should not be a part of.
STIG: Mobile Device Manager Security Requirements Guide
Date: 2013-01-24

Details

Check Text (C-44511r1_chk)
Review MDM server documentation and audit configuration to verify the MDM server audits any use of privileged accounts, or roles, with access to organization defined security functions or security relevant information, when accessing other system functions. If auditing is not being performed, this is a finding.
Fix Text (F-40801r1_fix)
Configure the MDM server to audit any use of privileged accounts, or roles, with access to organization defined security functions or security relevant information, when accessing other system functions.