Check: APCG-00-000035
AvePoint Compliance Guardian STIG: APCG-00-000035 (in version v1 r1)
Title
Compliance Guardian must accept FICAM-approved third-party credentials. (Cat II impact)
Discussion
Access may be denied to legitimate users if FICAM-approved third-party credentials are not accepted. This requirement typically applies to organizational information systems that are accessible to nonfederal government agencies and other partners. This allows federal government-relying parties to trust such credentials at their approved assurance levels. Third-party credentials are those credentials issued by nonfederal government entities approved by the Federal Identity, Credential, and Access Management (FICAM) Trust Framework Solutions initiative.
Check Content
Note: This requirement is Not Applicable if ADFS is not being utilized. ADFS can be used to federate with approved third-party users.

Check the Compliance Guardian configuration option for ADFS Integration.
- Log on to Compliance Guardian with admin account.
- On the Control Panel page in the General Security section, click "Authentication Manager".
- Verify that the ADFS Integration option is enabled.

If the ADFS Integration is not enabled, this is a finding.
Fix Text
Configure Compliance Guardian to use ADFS Integration.
- Log on to Compliance Guardian with admin account.
- On the Control Panel page in the General Security section, click "Authentication Manager".
- Click "ADFS Integration" to open ADFS Integration Configuration Wizard page and complete the configuration.
- Click "Enable link" of the ADFS Integration row to enable ADFS Integration.
- Back on the Control Panel page in the Account section, click "Users".
- Navigate to "Add User" page.
- Select ADFS Claim from the drop-down list in the "User Type" field.
- Select the Claim Name and input the Claim Value in the "How Would You Like To Retrieve User Information" field.
- Save the settings.
Additional Identifiers
Rule ID: SV-256846r890148_rule
Vulnerability ID: V-256846
Group Title: SRG-APP-000404
CCIs
Number | Definition |
---|---|
CCI-002011 | The information system accepts FICAM-approved third-party credentials. |
Controls
Number | Title |
---|---|
IA-8 (2) | Acceptance Of Third-Party Credentials |