The MDM server must synchronize internal information system clocks with United States Naval Observatory (USNO or other DoD-approved) time servers at least once every 24 hours.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36312 | SRG-APP-117-MDM-263-SRV | SV-47716r1_rule | Low |
| Description |
|---|
| Determining the correct time a particular application event occurred on a system is critical when conducting forensic analysis and investigating system events. Periodically synchronizing internal clocks with an authoritative time source helps ensure time is synchronized across the enterprise. The USNO time servers provide accurate time and are recommended. This synchronization facilitates event correlation and increases the likelihood that the scope and severity of an IA incident will be fully understood, thereby enabling an effective response to the incident. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44553r1_chk ) |
|---|
| If the MDM server uses configuration files for this capability, review the MDM server configuration files to determine whether the operating system synchronizes its clock to an authoritative time source. Verify the configured authoritative time sources are the ones intended. The USNO time servers and are recommended, but if they are not available in the environment in which the device is used, then other DoD approved time servers are acceptable. If the MDM server relies on any non-DoD approved source for time, this is a finding. |
| Fix Text (F-40843r1_fix) |
|---|
| Configure the MDM server to synchronize internal information system clocks on an organization defined frequency with an organization defined authoritative time source. |