UCF STIG Viewer Logo

The operating system must manage information system identifiers for users and devices by disabling the user identifier after an organization defined time period of inactivity.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33098 SRG-OS-000118-NA SV-43496r1_rule Medium
Description
Inactive user accounts pose a risk to systems and applications. Owners of inactive accounts will not notice if unauthorized access to their user account has been obtained. Rationale for non-applicability: For the purposes of this SRG, a mobile operating system is assumed to support a single human-accessible user account, whose identifier would never be disabled. Some mobile operating systems also assign identifiers to applications, in which case there is a similar need for persistence regardless of usage patterns.
STIG Date
Mobile Operating System Security Requirements Guide 2013-07-03

Details

Check Text ( C-41357r1_chk )
This requirement is NA for the Mobile OS SRG.
Fix Text (F-36998r1_fix)
The requirement is NA. No fix is required.