The application must support the enforcement of a two-person rule for changes to organization defined application components and system-level information.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-36428	SRG-APP-132-NA	SV-47832r1_rule		Medium

Description
Regarding access restrictions for changes made to organization defined information system components and system level information. Any changes to the hardware, software, and/or firmware components of the information system and/or application can potentially have significant effects on the overall security of the system. Rationale for non-applicability: The IA posture of the MDM server does not warrant application of the two-person rule.

Description

Regarding access restrictions for changes made to organization defined information system components and system level information. Any changes to the hardware, software, and/or firmware components of the information system and/or application can potentially have significant effects on the overall security of the system. Rationale for non-applicability: The IA posture of the MDM server does not warrant application of the two-person rule.

STIG	Date
Mobile Device Manager Security Requirements Guide	2013-01-24

Details

Check Text ( C-44670r1_chk )
This requirement is NA for the MDM server SRG.

Fix Text (F-40960r1_fix)
The requirement is NA. No fix is required.