Rule ID
SV-234248r1213344_rule
Version
V2R2
CCIs
Unapproved cryptographic algorithms cannot be relied on to provide confidentiality or integrity, and DoW data could be compromised as a result. The most common vulnerabilities with cryptographic modules are those associated with poor implementation. FIPS 140-3 validation provides assurance that the relevant cryptography has been implemented correctly. FIPS 140-3 validation is also a strict requirement for use of cryptography in the federal government for protecting unclassified data. This requirement also applies to Zero Trust initiatives. Satisfies: FCS Reference: PP-MDMA-200600
Verify all UEM Agent cryptography supporting DoW functionality is FIPS 140-3 validated. If all UEM Agent cryptography supporting DoW functionality is not FIPS 140-3 validated, this is a finding.
Configure the UEM Agent cryptography supporting DoW functionality for FIPS 140-3 mode.