The Enterprise Voice, Video, and Messaging Endpoint must be configured to uniquely identify participating users.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
high	V-259964	SRG-NET-000138	SRG-NET-000138-VVEP-00029	SV-259964r948859_rule	2024-08-02	1

Description
To ensure accountability and prevent unauthenticated access, users must be identified to prevent potential misuse and compromise of the system. The Enterprise Voice, Video, and Messaging Endpoint must display the source of an incoming call and the participant's identity to aid the user in deciding whether to answer a call. The information potentially at risk is that which can be seen in the physical area of the Enterprise Voice, Video, and Messaging Endpoint or carried by the conference in which it is participating. This does not apply to authentication for the purpose of configuring the device itself (i.e., device management).

Description

To ensure accountability and prevent unauthenticated access, users must be identified to prevent potential misuse and compromise of the system. The Enterprise Voice, Video, and Messaging Endpoint must display the source of an incoming call and the participant's identity to aid the user in deciding whether to answer a call. The information potentially at risk is that which can be seen in the physical area of the Enterprise Voice, Video, and Messaging Endpoint or carried by the conference in which it is participating. This does not apply to authentication for the purpose of configuring the device itself (i.e., device management).

ℹ️ Check
Verify the Enterprise Voice, Video, and Messaging Endpoint uniquely identifies participating users. Identification must be visible and displayed locally. If the Enterprise Voice, Video, and Messaging Endpoint does not uniquely identify participating users, this is a finding.

✔️ Fix
Configure the Enterprise Voice, Video, and Messaging Endpoint to uniquely identify participating users.