STIGQter: STIG Summary: Samsung SDS EMM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 11 Sep 2020:

The Samsung SDS EMM must be configured to display the required DoD warning banner upon administrator logon. Note: This requirement is not applicable if the TOE platform is selected in FTA_TAB.1.1 in the Security Target (ST).

DISA Rule

SV-225644r547719_rule

Vulnerability Number

V-225644

Group Title

PP-MDM-411056

Rule Version

SSDS-00-000530

Severity

CAT II

CCI(s)

• CCI-000048 - The information system displays an organization-defined system use notification message or banner before granting access to the system that provides privacy and security notices consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.

Weight

10

Fix Recommendation

Configure the Samsung SDS EMM to display the appropriate warning banner text.

Install Samsung SDS EMM patch 2.2.5.1 Build 200707.

On the EMM console, do the following:
1. Log in to the Samsung SDS EMM Server Admin Console using a web browser.
2. Go to Settings >> Admin Console >> Logo Setting and click in the text box and type or paste the DoD banner.
3. Click "Save".

Check Contents

Review Samsung SDS EMM server documentation and configuration settings to determine if the warning banner is using the appropriate designated wording.

On the MDM console, do the following:
1. Log in to the Samsung SDS EMM Server Admin Console using a web browser.
2. Go to Settings >> Admin Console >> Logo Setting.
3. Verify the text in the "Logo/Notification" window that appears. Confirm the text in the Login Notification box is the required DoD banner text.

Alternately, verify the banner is correct during logon to the console.

If the warning banner is not set up on the Samsung SDS EMM or wording does not exactly match the requirement text, this is a finding.

Vulnerability Number

V-225644

Documentable

False

Rule Version

SSDS-00-000530

Severity Override Guidance

Review Samsung SDS EMM server documentation and configuration settings to determine if the warning banner is using the appropriate designated wording.

On the MDM console, do the following:
1. Log in to the Samsung SDS EMM Server Admin Console using a web browser.
2. Go to Settings >> Admin Console >> Logo Setting.
3. Verify the text in the "Logo/Notification" window that appears. Confirm the text in the Login Notification box is the required DoD banner text.

Alternately, verify the banner is correct during logon to the console.

If the warning banner is not set up on the Samsung SDS EMM or wording does not exactly match the requirement text, this is a finding.

Check Content Reference

M

Target Key

4216

Comments