
The Samsung SDS EMM server must be configured to use one-time password in addition to username and password for administrator logon to the server.


Overview

Finding ID: V-225649
Version: SSDS-00-000725
Rule ID: SV-225649r744410_rule
IA Controls:
Severity: High
Description
Two-factor authentication ensures strong authentication and access controls are in place for privileged accounts. However, one-time passwords (OTP) do not meet the DoD requirement that system administrators access privileged accounts via CAC authentication through a directory service (Active Directory). SFR ID: FIA
STIG Date
Samsung SDS EMM Security Technical Implementation Guide 2022-06-10

Details

Check Text ( C-27350r744402_chk )
Verify the EMM server has not been configured to use one-time password (OTP) for administrator logon to the server.

On the MDM console, do the following:
1. Log into the SDS EMM console.
2. Go to Setting >> Server >> Configuration >> Two-Factor Authentication.
3. Verify Two-Factor Authentication is set to "No".

If the EMM server has not been configured to disable one-time-password (OTP) for administrator logon to the server, this is a finding.
Fix Text (F-27338r744403_fix)
Use the following procedure for configuring the use of OTP authentication on the EMM server:

On the MDM console, do the following:
1. Log into the SDS EMM console.
2. Go to Setting >> Server >> Configuration >> Two-Factor Authentication.
3. Set Two-Factor Authentication to "No".
4. Save setting.