STIGQter: STIG Summary: IBM MaaS360 with Watson v10.x MDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 26 Apr 2019: STIGQter: STIG Summary: IBM MaaS360 with Watson v10.x MDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 26 Apr 2019:SV-96895r1_rule
V-82181
PP-MDM-323202
M360-10-100300
CAT III
10
Configure the MaaS360 server to enable all required audit events: Failure to update an existing application on a managed mobile device.
On the MaaS360 Console, complete the following steps:
1. Navigate to Devices >> Groups.
2. Select "Add", "Device Groups", and create a new search with the conditions noted below.
3. Select "edit" for one of the identified groups and set the two conditions:
- Condition 1: "Software Installed", "Application Name", "Contains", "<Name of Application>"
- Condition 2: "Software Installed", "Full Version", "Contains","<latest version of Application>"
4. Select "Search" and then create a new device group and provide an appropriate group name and description.
5. Navigate to Security >> Compliance Rules.
6. Select one or more Rule Set Names that alert for failure to update an existing application on a managed mobile device.
7. Open “Rule Set Name” and select “Enforcement Rules”.
8. Set the “Application Compliance” to “enabled” and select "Alert" for “Enforcement Action”.
9. Go to Group Based Rules and assign the rule selected in Step 6 to the group identified in Step 4.
Review the MaaS360 server console and confirm the server is configured to alert for audit event failures on managed mobile devices.
On the MaaS360 Console, complete the following steps:
1. Navigate to Devices >> Groups.
2. Have the System Administrator identify one or more groups that alert for failure to update an existing application on a managed mobile device.
3. Select "edit" for one of the identified groups and verify that the two conditions exist:
- Condition 1: "Software Installed", "Application Name", "Contains", "<Name of Application>"
- Condition 2: "Software Installed", "Full Version", "Contains","<latest version of Application>"
4. Navigate to Security >> Compliance Rules.
5. Have the System Administrator identify one or more Rule Set Names that alert for failure to update an existing application on a managed mobile device.
6. Open “Rule Set Name” and select “Enforcement Rules”.
7. Verify that “Application Compliance” is enabled and "Alert" is selected for “Enforcement Action”.
8. Go to Group Based Rules and verify that the rule selected in Step 5 has been assigned to the group identified in Step 3.
If two conditions in the device group are not set correctly, or application compliance is not enabled and set correctly in the rule set name, or the rule is not assigned to the group, this is a finding.
V-82181
False
M360-10-100300
Review the MaaS360 server console and confirm the server is configured to alert for audit event failures on managed mobile devices.
On the MaaS360 Console, complete the following steps:
1. Navigate to Devices >> Groups.
2. Have the System Administrator identify one or more groups that alert for failure to update an existing application on a managed mobile device.
3. Select "edit" for one of the identified groups and verify that the two conditions exist:
- Condition 1: "Software Installed", "Application Name", "Contains", "<Name of Application>"
- Condition 2: "Software Installed", "Full Version", "Contains","<latest version of Application>"
4. Navigate to Security >> Compliance Rules.
5. Have the System Administrator identify one or more Rule Set Names that alert for failure to update an existing application on a managed mobile device.
6. Open “Rule Set Name” and select “Enforcement Rules”.
7. Verify that “Application Compliance” is enabled and "Alert" is selected for “Enforcement Action”.
8. Go to Group Based Rules and verify that the rule selected in Step 5 has been assigned to the group identified in Step 3.
If two conditions in the device group are not set correctly, or application compliance is not enabled and set correctly in the rule set name, or the rule is not assigned to the group, this is a finding.
M
3403