STIGQter: STIG Summary: IBM MaaS360 with Watson v10.x MDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 26 Apr 2019:

The MaaS360 MDM server must be configured to leverage the MDM platform user accounts and groups for MaaS360 MDM server user identification and authentication.

DISA Rule

SV-96883r1_rule

Vulnerability Number

V-82169

Group Title

PP-MDM-314002

Rule Version

M360-10-007700

Severity

CAT II

CCI(s)

• CCI-000015 - The organization employs automated mechanisms to support the information system account management functions.

Weight

10

Fix Recommendation

Configure the MaaS360 server to leverage the MDM platform user accounts and groups for MaaS360 server user identification and authentication.

On the MaaS360 Console, complete the following steps:
1. Navigate to Setup >> Settings.
2. Under Administrator Setting >> Advanced, select "Login Settings".
3. Select "Configure Federated Single Sign-On" and "Authenticate against Corporate User Directory".
4. Install the Cloud Extender: Setup >> Cloud Extender and select "Cloud Extender Online".

Check Contents

Review the MaaS360 server console and confirm that the MDM platform accounts are leveraged when users identify and authenticate themselves to the MaaS360 console.

On the MaaS360 Console, complete the following steps:
1. Navigate to Setup >> Settings.
2. Under Administrator Setting >> Advanced, select "Login Settings".
3. Verify "Configure Federated Single Sign-On" is checked and "Authenticate against Corporate User Directory" is selected.
4. Verify the Cloud Extender is installed: Setup >> Cloud Extender and verify "Cloud Extender Online" is checked.

If "Configure Federated Single Sign-On" and "Authenticate against Corporate User Directory" are not selected, this is a finding.

For SaaS deployments if Cloud Extender is not installed or "Cloud Extender Online" is not checked, this is a finding.

Vulnerability Number

V-82169

Documentable

False

Rule Version

M360-10-007700

Severity Override Guidance

Review the MaaS360 server console and confirm that the MDM platform accounts are leveraged when users identify and authenticate themselves to the MaaS360 console.

On the MaaS360 Console, complete the following steps:
1. Navigate to Setup >> Settings.
2. Under Administrator Setting >> Advanced, select "Login Settings".
3. Verify "Configure Federated Single Sign-On" is checked and "Authenticate against Corporate User Directory" is selected.
4. Verify the Cloud Extender is installed: Setup >> Cloud Extender and verify "Cloud Extender Online" is checked.

If "Configure Federated Single Sign-On" and "Authenticate against Corporate User Directory" are not selected, this is a finding.

For SaaS deployments if Cloud Extender is not installed or "Cloud Extender Online" is not checked, this is a finding.

Check Content Reference

M

Target Key

3403

Comments