STIGQter: STIG Summary: BlackBerry Enterprise Mobility Server 2.x Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jul 2020:

The BlackBerry Enterprise Mobility Server (BEMS) must be configured to use HTTPS.

DISA Rule

SV-93729r1_rule

Vulnerability Number

V-79023

Group Title

SRG-APP-000516-AS-000237

Rule Version

BEMS-00-013500

Severity

CAT I

CCI(s)

• CCI-000068 - The information system implements cryptographic mechanisms to protect the confidentiality of remote access sessions.

Weight

10

Fix Recommendation

Configure BEMS to use HTTPS as follows:

1. In the BEMS Dashboard, under "BEMS System Settings", click "BEMS Configuration".
2. Click "BlackBerry Dynamics".
3. In the Protocol drop-down list, select "HTTPS".

Check Contents

Verify BEMS has been configured to use HTTPS as follows:

1. In the BEMS Dashboard, under "BEMS System Settings", click "BEMS Configuration".
2. Click "BlackBerry Dynamics".
3. In the Protocol drop-down list, verify "HTTPS" is selected.

If HTTPS is not configured on BEMS, this is a finding.

Vulnerability Number

V-79023

Documentable

False

Rule Version

BEMS-00-013500

Severity Override Guidance

Verify BEMS has been configured to use HTTPS as follows:

1. In the BEMS Dashboard, under "BEMS System Settings", click "BEMS Configuration".
2. Click "BlackBerry Dynamics".
3. In the Protocol drop-down list, verify "HTTPS" is selected.

If HTTPS is not configured on BEMS, this is a finding.

Check Content Reference

M

Target Key

3259

Comments