Skip to content

ISEC7 EMM Suite must disable or delete local account created during application installation and configuration.

An XCCDF Rule

Description

The ISEC7 local account password complexity controls do not meet DoD requirements; therefore, admins have the capability to configure the account out of compliance, which could allow attacker to gain unauthorized access to the server and access to command MDM servers.

ID
SV-106373r1_rule
Version
ISEC-06-000660
Severity
High
References
Updated

Remediation Templates

A Manual Procedure

Log in to the ISEC7 EMM Suite console.
Navigate to Administration >> Configuration  >> Account Management >> Users.
Select Edit next to the local account Admin.
Check Login disabled for the account.
Click Save.