The BlackBerry Enterprise Mobility Server (BEMS) must be configured to use HTTPS.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| high | V-79023 | SRG-APP-000516-AS-000237 | BEMS-00-013500 | SV-93729r1_rule | 2020-05-15 | 1 |
| Description |
|---|
| Preventing the disclosure of transmitted information requires that applications take measures to employ some form of cryptographic mechanism in order to protect the information during transmission to web applications. This is usually achieved through the use of HTTPS. |
| ℹ️ Check |
|---|
| Verify BEMS has been configured to use HTTPS as follows: 1. In the BEMS Dashboard, under "BEMS System Settings", click "BEMS Configuration". 2. Click "BlackBerry Dynamics". 3. In the Protocol drop-down list, verify "HTTPS" is selected. If HTTPS is not configured on BEMS, this is a finding. |
| ✔️ Fix |
|---|
| Configure BEMS to use HTTPS as follows: 1. In the BEMS Dashboard, under "BEMS System Settings", click "BEMS Configuration". 2. Click "BlackBerry Dynamics". 3. In the Protocol drop-down list, select "HTTPS". |