Check: BEMS-00-014700
BlackBerry Enterprise Mobility Server 2.x STIG:
BEMS-00-014700
(in versions v2 r0.1 through v1 r0.1)
Title
If the BlackBerry Docs service is installed on the BlackBerry Enterprise Mobility Server (BEMS), it must be configured to enable audit logs. (Cat II impact)
Discussion
Logging must be used in order to track system activity, assist in diagnosing system issues, and provide evidence needed for forensic investigations post security incident.
Check Content
This requirement is not applicable if the BlackBerry Docs service is not enabled on BEMS. Verify audit logging is enabled for the BlackBerry Docs service as follows: 1. In the BEMS Dashboard, under "BlackBerry Services Configuration", click "Docs". 2. Click "Audit". 3. On the "Audit Settings" tab, verify "Enable Audit Logs" is selected. If audit logging is not enabled for the BlackBerry Docs service, this is a finding.
Fix Text
Enable audit logging for the BlackBerry Docs service as follows: 1. In the BEMS Dashboard, under "BlackBerry Services Configuration", click "Docs". 2. Click "Audit". 3. On the "Audit Settings" tab, select the "Enable Audit Logs" check box. 4. Click "Save".
Additional Identifiers
Rule ID: SV-93753r1_rule
Vulnerability ID: V-79047
Group Title: SRG-APP-000516-AS-000237
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000067 |
The information system monitors remote access methods. |
Controls
Number | Title |
---|---|
AC-17 (1) |
Automated Monitoring / Control |