STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Unified Endpoint Management Agent Security Requirements Guide

V-234248

CAT I (High)

All UEM Agent cryptography supporting DOD functionality must be FIPS 140-2/140-3 validated.

Rule ID

SV-234248r1137986_rule

STIG

Unified Endpoint Management Agent Security Requirements Guide

Version

V2R1

CCIs

CCI-002450

Discussion

Unapproved cryptographic algorithms cannot be relied on to provide confidentiality or integrity, and DOD data could be compromised as a result. The most common vulnerabilities with cryptographic modules are those associated with poor implementation. FIPS 140-2/140-3 validation provides assurance that the relevant cryptography has been implemented correctly. FIPS 140-2/140-3 validation is also a strict requirement for use of cryptography in the federal government for protecting unclassified data. This requirement also applies to Zero Trust initiatives. Satisfies: FCS Reference: PP-UEM-404200

Check Content

Verify all UEM Agent cryptography supporting DOD functionality is FIPS 140-2/140-3 validated.

If all UEM Agent cryptography supporting DOD functionality is not FIPS 140-2/140-3 validated, this is a finding.

Fix Text

Configure the UEM Agent cryptography supporting DOD functionality for FIPS 140-2/140-3 mode.