Title

If the BlackBerry Docs service is installed on the BlackBerry Enterprise Mobility Server (BEMS), it must be configured to enable audit logs. (Cat II impact)

Discussion

Logging must be used to track system activity, assist in diagnosing system issues, and provide evidence needed for forensic investigations post security incident.

Check Content

This requirement is not applicable if the BlackBerry Docs service is not enabled on BEMS. Verify audit logging is enabled for the BlackBerry Docs service as follows: 1. In the BEMS Dashboard, under "BlackBerry Services Configuration", click "Docs". 2. Click "Audit". 3. On the "Audit Settings" tab, verify "Enable Audit Logs" is selected. If audit logging is not enabled for the BlackBerry Docs service, this is a finding.

Fix Text

Enable audit logging for the BlackBerry Docs service as follows: 1. In the BEMS Dashboard, under "BlackBerry Services Configuration", click "Docs". 2. Click "Audit". 3. On the "Audit Settings" tab, select the "Enable Audit Logs" check box. 4. Click "Save".

Additional Identifiers

Rule ID: SV-254728r879887_rule

Vulnerability ID: V-254728

Group Title: SRG-APP-000516-AS-000237

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.