The MDM server must ensure remote sessions for accessing the server by an administrator are audited.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36339 | SRG-APP-019-MDM-279-SRV | SV-47743r1_rule | High |
| Description |
|---|
| Session auditing activities are developed, integrated, and used in consultation with legal counsel in accordance with applicable federal laws, Executive Orders, directives, policies, or regulations. This allows all aspects of a session to be recreated. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44581r1_chk ) |
|---|
| Review the MDM server configuration to determine whether the MDM server audits remote sessions for accessing the server by an administrator. If the MDM server does not audit remote sessions for accessing the server by an administrator, this is a finding. |
| Fix Text (F-40871r1_fix) |
|---|
| Configure the MDM server to log an audit event for each instance when an administrator accesses the server remotely. |