ISEC7 EMM Suite must disable or delete local account created during application installation and configuration.

An XCCDF Rule

Description

<VulnDiscussion>The ISEC7 local account password complexity controls do not meet DoD requirements; therefore, admins have the capability to configure the account out of compliance, which could allow attacker to gain unauthorized access to the server and access to command MDM servers.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-224767r505933_rule
Severity: High
References: CCI-000764
Updated: about 1 year ago

Log in to the ISEC7 EMM Suite console.
Navigate to Administration >> Configuration  >> Account Management >> Users.
Select Edit next to the local account Admin.
Check Login disabled for the account.
Click Save.

ISEC7 EMM Suite must disable or delete local account created during application installation and configuration.

Description

Remediation - Manual Procedure