The application must enforce requirements for remote connections to the information system.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-35388	SRG-APP-000140-MAPP-NA	SV-46675r1_rule		Medium

Description
Applications that provide remote access to information systems must be able to enforce remote access policy requirements or work in conjunction with enterprise tools designed to enforce policy requirements. Examples of policy requirements include but are not limited to; Authorizing remote access to the information system, limiting access based on authentication credentials and monitoring for unauthorized access. Rationale for non-applicability: Applications that support remote access to the mobile device are outside the scope of this SRG. The SRG does not cover mobile applications that perform server functions.

Description

Applications that provide remote access to information systems must be able to enforce remote access policy requirements or work in conjunction with enterprise tools designed to enforce policy requirements. Examples of policy requirements include but are not limited to; Authorizing remote access to the information system, limiting access based on authentication credentials and monitoring for unauthorized access. Rationale for non-applicability: Applications that support remote access to the mobile device are outside the scope of this SRG. The SRG does not cover mobile applications that perform server functions.

STIG	Date
Mobile Application Security Requirements Guide	2013-01-04

Details

Check Text ( C-43748r1_chk )
This requirement is NA for the MAPP SRG.

Fix Text (F-39934r1_fix)
The requirement is NA. No fix is required.