The Samsung SDS EMM server must be configured to use one-time password in addition to username and password for administrator logon to the server.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-225649 | SSDS-00-000725 | SV-225649r547734_rule | High |
| Description |
|---|
| Two-factor authentication ensures strong authentication and access controls are in place for privileged accounts. SFR ID: FIA |
| STIG | Date |
|---|---|
| Samsung SDS EMM Security Technical Implementation Guide | 2020-09-16 |
Details
| Check Text ( C-27350r547732_chk ) |
|---|
| Verify the EMM server has been configured to use one-time password (OTP) for administrator logon to the server. On the MDM console, do the following: 1. In the Admin Console login page, enter the Admin ID and password and click the "Sign in" button. 2. Enter the OTP in the pop-up by sending SMS or email that is registered in admin account information. 3. Login is successful. If the EMM server has not been configured to use OTP for administrator logon to the server, this is a finding. |
| Fix Text (F-27338r547733_fix) |
|---|
| Use the following procedure for configuring the use of OTP authentication on the EMM server: On the MDM console, do the following: 1. Log in to the Admin Console using a web browser. 2. Go to Setting >> Server >> Configuration and set Two-Factor Authentication to "Yes". 3. Click "Save". |