The Enterprise Voice, Video, and Messaging Session Manager must be configured to uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-260009 | SRG-NET-000138-VVSM-00101 | SV-260009r948988_rule | CCI-000764 | high |
| Description | ||||
| To ensure accountability and prevent unauthenticated access, organizational users must be uniquely identified and authenticated to prevent potential misuse and compromise of the system. Sharing of accounts prevents accountability and nonrepudiation. Organizational users must be uniquely identified and authenticated for all accesses. | ||||
| STIG | Date | |||
| Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide | 2024-03-11 | |||
Details
Check Text (C-260009r948988_chk)
Verify the Enterprise Voice, Video, and Messaging Session Manager uniquely identifies all users.
If the Enterprise Voice, Video, and Messaging Session Manager does not uniquely identify all users, then is a finding.
Fix Text (F-63647r948987_fix)
Configure the Enterprise Voice, Video, and Messaging Session Manager to uniquely identify all users.