The mobile operating system must support the capability for the system administrator to disable over-the-air (OTA) provisioning.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-33016 | SRG-OS-000087-MOS-000059 | SV-43414r1_rule | Low |
| Description |
|---|
| In some environments, the risk of OTA provisioning may outweigh any convenience benefit it offers. In such cases, the administrator should have the ability to disable OTA provisioning to ensure security breaches do not occur from use of this technique. |
| STIG | Date |
|---|---|
| Mobile Operating System Security Requirements Guide | 2013-07-03 |
Details
| Check Text ( C-41314r1_chk ) |
|---|
| Review system documentation and operating system configuration to determine if the system administrator has the ability to disable OTA provisioning. If the operating system does not support OTA provisioning, this also meets the requirement. If the operating system supports OTA but there is no means for the SA to disable that capability, this is a finding. |
| Fix Text (F-36929r1_fix) |
|---|
| Configure the mobile operating system permit the system administrator to disable over-the-air (OTA) provisioning. |