STIGQter: STIG Summary: Samsung SDS EMM v1.5.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 20 Jan 2017:

The Samsung SDS EMM server or platform must initiate a session lock after a 15-minute period of inactivity.

DISA Rule

SV-87859r1_rule

Vulnerability Number

V-73207

Group Title

PP-MDM-991010

Rule Version

SEMM-15-100010

Severity

CAT II

CCI(s)

• CCI-000057 - The information system initiates a session lock after the organization-defined time period of inactivity.

Weight

10

Fix Recommendation

To configure the Samsung SDS EMM server or platform to lock the server after 15 minutes of inactivity do the following:
1) Log in to the Samsung SDS EMM Server Admin Console using a web browser.
2) Click the “v” symbol at the top right of the web page to get a pull-down menu.
3) Choose “Configure session timeout”.
4) Set the Session Timeout(min) value to "15".
5) Click on the “Save” button.

Check Contents

Review the Samsung SDS EMM server or platform configuration to determine whether the system is locked after 15 minutes. Clock the time on a server to validate that it is correctly enforcing the time period.

If the session lock does not occur within 15 minutes of inactivity, this is a finding.

Vulnerability Number

V-73207

Documentable

False

Rule Version

SEMM-15-100010

Severity Override Guidance

Review the Samsung SDS EMM server or platform configuration to determine whether the system is locked after 15 minutes. Clock the time on a server to validate that it is correctly enforcing the time period.

If the session lock does not occur within 15 minutes of inactivity, this is a finding.

Check Content Reference

M

Target Key

3175

Comments