The Enterprise Voice, Video, and Messaging Endpoint must be configured to uniquely identify participating users.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-259964 | SRG-NET-000138-VVEP-00029 | SV-259964r948859_rule | CCI-000764 | high |
| Description | ||||
| To ensure accountability and prevent unauthenticated access, users must be identified to prevent potential misuse and compromise of the system. The Enterprise Voice, Video, and Messaging Endpoint must display the source of an incoming call and the participant's identity to aid the user in deciding whether to answer a call. The information potentially at risk is that which can be seen in the physical area of the Enterprise Voice, Video, and Messaging Endpoint or carried by the conference in which it is participating. This does not apply to authentication for the purpose of configuring the device itself (i.e., device management). | ||||
| STIG | Date | |||
| Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide | 2024-08-02 | |||
Details
Check Text (C-259964r948859_chk)
Verify the Enterprise Voice, Video, and Messaging Endpoint uniquely identifies participating users. Identification must be visible and displayed locally.
If the Enterprise Voice, Video, and Messaging Endpoint does not uniquely identify participating users, this is a finding.
Fix Text (F-63602r948858_fix)
Configure the Enterprise Voice, Video, and Messaging Endpoint to uniquely identify participating users.