STIGhubSTIGhub
STIGhub— A free STIG search and compliance tool·STIGs updated just now
Powered by Pylon·Privacy·Terms·Feedback·© 2026 Beacon Cloud Solutions, Inc.
← Back to Unified Endpoint Management Server Security Requirements Guide

V-234356

CAT II (Medium)

The UEM server must be configured to use a DoW Central Directory Service to provide multifactor authentication for network access to privileged and nonprivileged accounts.

Rule ID

SV-234356r1212988_rule

STIG

Unified Endpoint Management Server Security Requirements Guide

Version

V2R5

CCIs

CCI-000765

Discussion

A comprehensive account management process that includes automation helps to ensure the accounts designated as requiring attention are consistently and promptly addressed. If an attacker compromises an account, the entire MDM server infrastructure is at risk. Providing automated support functions for the management of accounts will ensure only active accounts will be granted access with the proper authorization levels. These objectives are best achieved by configuring the MDM server to leverage an enterprise authentication mechanism (e.g., Microsoft Active Directory Kerberos). Satisfies: FIA, FMT_SMF.1.1/SERVER_CONF_SERVER b.11 Reference:PP-MDM-505700

Check Content

Verify the UEM server uses a DoW Central Directory Service to provide multifactor authentication for network access to privileged and nonprivileged accounts.

If the UEM server does not use a DoW Central Directory Service to provide multifactor authentication for network access to privileged and nonprivileged accounts, this is a finding.

Fix Text

Configure the UEM server to use a DoW Central Directory Service to provide multifactor authentication for network access to privileged and nonprivileged accounts.