STIGQter STIGQter: STIG Summary: Samsung SDS EMM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 11 Sep 2020:

The Samsung SDS EMM must use multifactor authentication for local access to privileged accounts.

DISA Rule

SV-225657r547758_rule

Vulnerability Number

V-225657

Group Title

PP-MDM-991000

Rule Version

SSDS-00-200260

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Samsung SDS EMM to use multifactor authentication for local access to privileged accounts.

On the MDM console, do the following:
1. Log in to the Admin Console using a web browser.
2. Go to Setting >> Server >> Configuration and set Two-Factor Authentication to "Yes".
3. Click "Save".

Check Contents

Review the Samsung SDS EMM configuration settings and verify the server is configured to use multifactor authentication for local access to privileged accounts.

On the MDM console, do the following:
1. In the Admin Console login page, enter the Admin ID and password and click the "Sign in" button.
2. Enter the OTP (one-time password) in the pop-up by sending SMS or email that is registered in admin account information.
3. Login is successful.

If the OTP pop-up does not display, this is a finding.

Vulnerability Number

V-225657

Documentable

False

Rule Version

SSDS-00-200260

Severity Override Guidance

Review the Samsung SDS EMM configuration settings and verify the server is configured to use multifactor authentication for local access to privileged accounts.

On the MDM console, do the following:
1. In the Admin Console login page, enter the Admin ID and password and click the "Sign in" button.
2. Enter the OTP (one-time password) in the pop-up by sending SMS or email that is registered in admin account information.
3. Login is successful.

If the OTP pop-up does not display, this is a finding.

Check Content Reference

M

Target Key

4216

Comments