UCF STIG Viewer Logo

Samsung SDS EMM v1.5.x Security Technical Implementation Guide


Overview

Date Finding Count (8)
2017-01-20 CAT I (High): 0 CAT II (Med): 6 CAT III (Low): 2
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC II - Mission Support Public)

Finding ID Severity Title
V-73209 Medium The Samsung SDS EMM server platform must be protected by a DoD-approved firewall.
V-73203 Medium The Samsung SDS EMM server must be configured with the Administrator roles: a. MD user; b. Server primary administrator; c. Security configuration administrator; d. Device user group administrator; and e. Auditor.
V-73211 Medium The firewall protecting the Samsung SDS EMM server platform must be configured to restrict all network traffic to and from all addresses with the exception of ports, protocols, and IP address ranges required to support Samsung SDS EMM server and platform functions.
V-73207 Medium The Samsung SDS EMM server or platform must initiate a session lock after a 15-minute period of inactivity.
V-73213 Medium The firewall protecting the Samsung SDS EMM server platform must be configured so that all allowed ports, protocols, and services are approved for DoD use (on the DoD Ports, Protocols, Services Management (PPSM) Category Assurance Levels (CAL) list).
V-73205 Medium The Samsung SDS EMM server must be configured to transfer MD audit logs and Samsung SDS EMM server logs to another server for analysis and reporting.
V-73215 Low The Samsung SDS EMM agent must be configured for the periodicity of reachability events for six hours or less.
V-73201 Low Before establishing a user session, the Samsung SDS EMM server must display an administrator-specified advisory notice and consent warning message regarding use of the Samsung SDS EMM server.