Rule ID
SV-234521r1213161_rule
Version
V2R5
CCIs
If the application install policy is not enforced, malicious applications and vulnerable applications can be installed on managed mobile devices, which could compromise DoW data. Satisfies: FMT_SMF.1.1/MAS, FMT_MOF.1.1/MANAGEMENT_ENROLL
Verify the UEM server allows only enrolled devices that are compliant with UEM policies and assigned to a user in the application access group to download applications. If the UEM server does not allow only enrolled devices that are compliant with UEM policies and assigned to a user in the application access group to download applications, this is a finding.
Configure the UEM server to allow only enrolled devices that are compliant with UEM policies and assigned to a user in the application access group to download applications.