STIGQter: STIG Summary: Samsung SDS EMM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 11 Sep 2020:

The Samsung SDS EMM must automatically disable accounts after a 35-day period of account inactivity (local accounts).

DISA Rule

SV-225655r547752_rule

Vulnerability Number

V-225655

Group Title

PP-MDM-991000

Rule Version

SSDS-00-200240

Severity

CAT II

CCI(s)

• CCI-000017 - The information system automatically disables inactive accounts after an organization-defined time period.

Weight

10

Fix Recommendation

Configure the Samsung SDS EMM to disable accounts after 35 days.

On the MDM console, do the following:
1. Log in to the Admin Console using a web browser.
2. Go to Setting >> Server >> Configuration and set Inactivity Limit on Admin Accounts (days) to "35" days.
3. Click the "Save" button.

Check Contents

Review Samsung SDS EMM server documentation and configuration settings to determine if the admin account is automatically disabled after 35 days.

On the MDM console, verify that the MDM console Inactivity Limit on Admin Accounts (days) is set to "35".

If sub-administrators or read-only administrators do not sign in for 35 days, their accounts are locked.

If the MDM console Inactivity Limit on Admin Accounts (days) is not set to "35", this is a finding.

Vulnerability Number

V-225655

Documentable

False

Rule Version

SSDS-00-200240

Severity Override Guidance

Review Samsung SDS EMM server documentation and configuration settings to determine if the admin account is automatically disabled after 35 days.

On the MDM console, verify that the MDM console Inactivity Limit on Admin Accounts (days) is set to "35".

If sub-administrators or read-only administrators do not sign in for 35 days, their accounts are locked.

If the MDM console Inactivity Limit on Admin Accounts (days) is not set to "35", this is a finding.

Check Content Reference

M

Target Key

4216

Comments