STIGhubSTIGhub
STIGhub— A free STIG search and compliance tool·STIGs updated 3 hours ago
Powered by Pylon·Privacy·Terms·Feedback·© 2026 Beacon Cloud Solutions, Inc.
← Back to Unified Endpoint Management Agent Security Requirements Guide

V-234248

CAT I (High)

All UEM Agent cryptography supporting DoW functionality must be FIPS 140-3 validated.

Rule ID

SV-234248r1213344_rule

STIG

Unified Endpoint Management Agent Security Requirements Guide

Version

V2R2

CCIs

CCI-002450

Discussion

Unapproved cryptographic algorithms cannot be relied on to provide confidentiality or integrity, and DoW data could be compromised as a result. The most common vulnerabilities with cryptographic modules are those associated with poor implementation. FIPS 140-3 validation provides assurance that the relevant cryptography has been implemented correctly. FIPS 140-3 validation is also a strict requirement for use of cryptography in the federal government for protecting unclassified data. This requirement also applies to Zero Trust initiatives. Satisfies: FCS Reference: PP-MDMA-200600

Check Content

Verify all UEM Agent cryptography supporting DoW functionality is FIPS 140-3 validated.

If all UEM Agent cryptography supporting DoW functionality is not FIPS 140-3 validated, this is a finding.

Fix Text

Configure the UEM Agent cryptography supporting DoW functionality for FIPS 140-3 mode.