STIGQter: STIG Summary: IBM MaaS360 with Watson v10.x MDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 26 Apr 2019:

The MaaS360 MDM server must be configured to enable all required audit events (if function is not automatically implemented during MDM/MAS server install): a. Failure to push a new application on a managed mobile device.

DISA Rule

SV-96889r1_rule

Vulnerability Number

V-82175

Group Title

PP-MDM-323202

Rule Version

M360-10-100200

Severity

CAT III

CCI(s)

• CCI-000169 - The information system provides audit record generation capability for the auditable events defined in AU-2 a. at organization-defined information system components.
• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the MaaS360 server to enable all required audit events: Failure to push a new application on a managed mobile device.

On the MaaS360 Console, complete the following steps:
1. Navigate to Security >> Policies and select the mobile operating system (iOS, etc.) the MDM policy alerts apply to.
2. Open the identified policy and go to device settings >> application compliance.
3. Set "Configure required applications" to "yes" and list all new applications.
4. Repeat for other MOS as required (for example, iOS, Android, etc.).

Check Contents

Review the MaaS360 server console and confirm the server is configured to alert for audit event failures on managed mobile devices.

On the MaaS360 Console, complete the following steps:
1. Navigate to Security >> Policies and have the System Administrator identify which mobile operating system (iOS, etc.) the MDM policy alerts apply to.
2. Open the identified policy and go to device settings >> application compliance.
3. Verify that "Configure required applications" is set to "yes" and that all new applications are listed.
4. Repeat for other MOS as required (for example, Android).

If the "Configure required applications" is not set to "yes" or all new applications are not on the list, this is a finding.

Vulnerability Number

V-82175

Documentable

False

Rule Version

M360-10-100200

Severity Override Guidance

Review the MaaS360 server console and confirm the server is configured to alert for audit event failures on managed mobile devices.

On the MaaS360 Console, complete the following steps:
1. Navigate to Security >> Policies and have the System Administrator identify which mobile operating system (iOS, etc.) the MDM policy alerts apply to.
2. Open the identified policy and go to device settings >> application compliance.
3. Verify that "Configure required applications" is set to "yes" and that all new applications are listed.
4. Repeat for other MOS as required (for example, Android).

If the "Configure required applications" is not set to "yes" or all new applications are not on the list, this is a finding.

Check Content Reference

M

Target Key

3403

Comments