Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The UEM server must be configured to only allow enrolled devices that are compliant with UEM policies and assigned to a user in the application access group to download applications.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-234521 | SRG-APP-000378-UEM-000249 | SV-234521r879751_rule | Medium |
| Description |
|---|
| If the application install policy is not enforced, malicious applications and vulnerable applications can be installed on managed mobile devices, which could compromise DoD data. Satisfies:FMT_MOF.1.1(3) Reference:PP-MDM-423206 |
| STIG | Date |
|---|---|
| Unified Endpoint Management Server Security Requirements Guide | 2023-02-13 |
Details
| Check Text ( C-37706r851589_chk ) |
|---|
| Verify the UEM server allows only enrolled devices that are compliant with UEM policies and assigned to a user in the application access group to download applications. If the UEM server does not allow only enrolled devices that are compliant with UEM policies and assigned to a user in the application access group to download applications, this is a finding. |
| Fix Text (F-37671r615207_fix) |
|---|
| Configure the UEM server to allow only enrolled devices that are compliant with UEM policies and assigned to a user in the application access group to download applications. |