UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Samsung SDS EMM server must be configured to use one-time password in addition to username and password for administrator logon to the server.


Overview

Finding ID Version Rule ID IA Controls Severity
V-225649 SSDS-00-000725 SV-225649r547734_rule High
Description
Two-factor authentication ensures strong authentication and access controls are in place for privileged accounts. SFR ID: FIA
STIG Date
Samsung SDS EMM Security Technical Implementation Guide 2020-09-16

Details

Check Text ( C-27350r547732_chk )
Verify the EMM server has been configured to use one-time password (OTP) for administrator logon to the server.

On the MDM console, do the following:
1. In the Admin Console login page, enter the Admin ID and password and click the "Sign in" button.
2. Enter the OTP in the pop-up by sending SMS or email that is registered in admin account information.
3. Login is successful.

If the EMM server has not been configured to use OTP for administrator logon to the server, this is a finding.
Fix Text (F-27338r547733_fix)
Use the following procedure for configuring the use of OTP authentication on the EMM server:

On the MDM console, do the following:
1. Log in to the Admin Console using a web browser.
2. Go to Setting >> Server >> Configuration and set Two-Factor Authentication to "Yes".
3. Click "Save".