
The BlackBerry Device Service server must support administrator authentication to the server via the Enterprise Authentication Mechanism's authentication.


Overview

Finding ID: BBDS-00-000305
Version: BBDS-00-000305
Rule ID: BBDS-00-000305_rule
IA Controls:
Severity: Medium
Description
In the DoD, Administrator credential requirements for authentication are defined by CTO 07-115Rev1, which is usually enforced by the Enterprise Authentication Mechanism. Non-compliant credential enforcement mechanisms make the DoD IS vulnerable to attack.
STIG Date
BlackBerry Device Service 6.2 STIG 2013-05-03

Details

Check Text (C-BBDS-00-000305_chk)
Local authentication rules are handled by the host operating system. Remote connections via a web browser can be configured to use Microsoft Active Directory authentication during the installation of the BlackBerry Device Server.

See the "Install the BlackBerry Device Service software" section of the BlackBerry Enterprise Service 10 BlackBerry Device Service Version: 6.2, Installation and Configuration Guide.

To ensure correct configuration:
1. Have the BlackBerry Device Service (BDS) Administrator log on to the BDS Server and ensure authentication was performed via Active Directory.

If access to the server is not being authenticated via this method, this is a finding.
Fix Text (F-BBDS-00-000305_fix)
Configure the BlackBerry Device Service server to support administrator authentication to the server via the Enterprise Authentication Mechanism's authentication.