The MaaS360 MDM Agent must provide an alert via the trusted channel to the MDM server for the following event: change in enrollment state.
An XCCDF Rule
Description
<VulnDiscussion>Alerts providing notification of a change in enrollment state facilitate verification of the correct operation of security functions. When an MDM server receives such an alert from a MaaS360 MDM Agent, it indicates that the security policy may no longer be enforced on the mobile device. This enables the MDM administrator to take an appropriate remedial action. SFR ID: FAU_ALT_EXT.2.1</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-96909r1_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Configure the MaaS360 Agent to alert via the trusted channel to the MaaS360 server for the following event: change in enrollment status
On the MaaS360 Console, complete the following steps:
1. Navigate to Security >> Compliance Rules >> Add Rule Set and Create a rule.
2. Under Basic Settings >> Select Applicable Platforms, select the MOS, and under "Event Notification Recipients", input the email for the system administrator who will get the notification.
3. Under “Enforcement Rules”, select Enforcement Rules and ensure the "Enrollment" box is checked and that all boxes for "Trigger Action on Managed Status" are checked.