ISEC7 EMM Suite must disable or delete local account created during application installation and configuration.
An XCCDF Rule
Description
The ISEC7 local account password complexity controls do not meet DoD requirements; therefore, admins have the capability to configure the account out of compliance, which could allow attacker to gain unauthorized access to the server and access to command MDM servers.
- ID
- SV-106373r1_rule
- Version
- ISEC-06-000660
- Severity
- High
- References
- Updated
Remediation Templates
A Manual Procedure
Log in to the ISEC7 EMM Suite console.
Navigate to Administration >> Configuration >> Account Management >> Users.
Select Edit next to the local account Admin.
Check Login disabled for the account.
Click Save.