UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The master AES encryption key used to encrypt data between the management server and the agent on the mobile device must be changed on a periodic basis.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33231 WIR-WMS-MDM-03 SV-43637r1_rule IAKM-1 Low
Description
If the master encryption key is not rotated periodically, and it is compromised, all future data sent between the mobile management server and the agent located on the mobile device would be compromised. Limiting the compromise to no more than a specific period of data is a security best practice.
STIG Date
Mobile Email Management (MEM) Server Security Technical Implementation Guide (STIG) 2012-07-20

Details

Check Text ( C-41503r1_chk )
This requirement applies to any mobile management server, including the MDM, MAM, MDIS, and MEM.

Work with the server system administrator to view the configuration of the master encryption key on the server. Verify AES is used for the master encryption key and it is set to rotate at least every 30 days.

Mark as a finding if the master encryption key is not rotated at least every 30 days or AES encryption is not used.
Fix Text (F-37140r1_fix)
Use an AES master encryption key and set it to rotate at least every 30 days.