STIGQter: STIG Summary: Jamf Pro v10.x EMM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 03 Feb 2020:

The Jamf Pro EMM must automatically disable accounts after a 35 day period of account inactivity (local accounts).

DISA Rule

SV-108729r1_rule

Vulnerability Number

V-99625

Group Title

PP-MDM-991000

Rule Version

JAMF-10-100800

Severity

CAT II

CCI(s)

• CCI-000017 - The information system automatically disables inactive accounts after an organization-defined time period.

Weight

10

Fix Recommendation

Note: There is no setting on the Jamf Pro EMM console to implement this requirement.

A script should be used to periodically check when each local account was last accessed by the user and disable the account if there is a 35-day or more period of account inactivity. The script should be developed by the site or provided by Jamf.

Check Contents

Interview the site Jamf Pro EMM system administrator. Confirm a script is used to periodically check when each local account was last accessed by the user and disable the account if there is a 35-day or more period of account inactivity.

If a script is not used to periodically check when each local account was last accessed by the user and disable the account or if there is a 35-day or more period of account inactivity, this is a finding.

Vulnerability Number

V-99625

Documentable

False

Rule Version

JAMF-10-100800

Severity Override Guidance

Interview the site Jamf Pro EMM system administrator. Confirm a script is used to periodically check when each local account was last accessed by the user and disable the account if there is a 35-day or more period of account inactivity.

If a script is not used to periodically check when each local account was last accessed by the user and disable the account or if there is a 35-day or more period of account inactivity, this is a finding.

Check Content Reference

M

Target Key

3593

Comments