The MaaS360 MDM server must be configured to leverage the MDM platform user accounts and groups for MaaS360 MDM server user identification and authentication.

An XCCDF Rule

Description

<VulnDiscussion>A comprehensive account management process that includes automation helps to ensure the accounts designated as requiring attention are consistently and promptly addressed. If an attacker compromises an account, the entire MaaS360 MDM server infrastructure is at risk. Providing automated support functions for the management of accounts will ensure only active accounts will be granted access with the proper authorization levels. These objectives are best achieved by configuring the MaaS360 MDM server to leverage an enterprise authentication mechanism (e.g., Microsoft Active Directory Kerberos). SFR ID: FIA</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-96883r1_rule
Severity: Medium
References: CCI-000015
Updated: about 1 year ago

Configure the MaaS360 server to leverage the MDM platform user accounts and groups for MaaS360 server user identification and authentication.

On the MaaS360 Console, complete the following steps:
1. Navigate to Setup >> Settings.
2. Under Administrator Setting >> Advanced, select "Login Settings".
3. Select "Configure Federated Single Sign-On" and "Authenticate against Corporate User Directory".4. Install the Cloud Extender: Setup >> Cloud Extender and select "Cloud Extender Online".

The MaaS360 MDM server must be configured to leverage the MDM platform user accounts and groups for MaaS360 MDM server user identification and authentication.

Description

Remediation - Manual Procedure