Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Samsung SDS EMM server must be configured to use one-time password in addition to username and password for administrator logon to the server.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-225649 | SSDS-00-000725 | SV-225649r744410_rule | High |
| Description |
|---|
| Two-factor authentication ensures strong authentication and access controls are in place for privileged accounts. But One-Time Passwords (OTP) do not meet DoD requirements that system administrators access privileged accounts via CAC authentication through a directory service (Active Directory). SFR ID: FIA |
| STIG | Date |
|---|---|
| Samsung SDS EMM Security Technical Implementation Guide | 2021-06-07 |
Details
| Check Text ( C-27350r744402_chk ) |
|---|
| Verify the EMM server has not been configured to use one-time password (OTP) for administrator logon to the server. On the MDM console, do the following: 1. Log into the SDS EMM console. 2. Go to Setting >> Server >> Configuration >> Two-Factor Authentication. 3. Verify Two-Factor Authentication is set to "No". If the EMM server has not been configured to disable one-time-password (OTP) for administrator logon to the server, this is a finding. |
| Fix Text (F-27338r744403_fix) |
|---|
| Use the following procedure for configuring the use of OTP authentication on the EMM server: On the MDM console, do the following: 1. Log into the SDS EMM console. 2. Go to Setting >> Server >> Configuration >> Two-Factor Authentication. 3. Set Two-Factor Authentication to "No". 4. Save setting. |