The Jamf Pro EMM server platform must be protected by a DoD-approved firewall.
#JAMF PRO GUIDE PASSWORD#
Password complexity, or strength, is a measure of the. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
The Jamf Pro EMM local accounts password must be configured with length of 15 characters. If the default MySQL database name and password are not changed an adversary could gain unauthorized access to the application which could lead to the compromise of sensitive DoD data. If separate MySQL accounts with limited privileges are not created an adversary could gain unauthorized access to the application or gain access unauthorized features which could lead to the.Ī unique database name and a unique MySQL user with a secure password must be created for use in Jamf Pro EMM. Separate MySQL user accounts with limited privileges must be created within Jamf Pro EMM. MySQL database backups must be scheduled in Jamf Pro EMM.ĭatabase backups are a recognized best practice to protect against key data loss and possible adverse impacts to the mission of the organization. If the database password is not removed or set to a blank value in the configuration file, the user is not forced to enter the password, which would allow an adversary to access to access the. The MySQL DatabasePassword key must be removed or set to a blank value in the database configuration file in Jamf Pro EMM. MDM/EMM server versions no longer supported by the vendor will not receive security updates for new. The MDM/EMM vendor maintains specific product versions for a specific period of time. Jamf Pro EMM must be maintained at a supported version.
Findings (MAC III - Administrative Sensitive) Finding ID
0 kommentar(er)
