Free DISA STIG and SRG Library | Vaulted

V-79023

The BlackBerry Enterprise Mobility Server (BEMS) must be configured to use HTTPS.

Finding ID
BEMS-00-013500
Rule ID
SV-93729r1_rule
Severity
Cat I
CCE
(None)
Group Title
SRG-APP-000516-AS-000237
CCI
CCI-000068
Target Key
(None)
Documentable
No
Discussion

Preventing the disclosure of transmitted information requires that applications take measures to employ some form of cryptographic mechanism in order to protect the information during transmission to web applications. This is usually achieved through the use of HTTPS.

Fix Text

Configure BEMS to use HTTPS as follows: 1. In the BEMS Dashboard, under "BEMS System Settings", click "BEMS Configuration". 2. Click "BlackBerry Dynamics". 3. In the Protocol drop-down list, select "HTTPS".

Check Content

Verify BEMS has been configured to use HTTPS as follows: 1. In the BEMS Dashboard, under "BEMS System Settings", click "BEMS Configuration". 2. Click "BlackBerry Dynamics". 3. In the Protocol drop-down list, verify "HTTPS" is selected. If HTTPS is not configured on BEMS, this is a finding.