Tanium Server files must be protected from file encryption actions.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-78725 | SRG-APP-000516 | TANS-SV-000043 | SV-93431r1_rule | 2018-07-09 | 1 |
| Description |
|---|
| Similar to any other host-based applications, the Tanium Server is subject to the restrictions other System-level software may place on an operating environment. Antivirus, Encryption, or other security and management stack software may disallow the Tanium Server from working as expected. https://docs.tanium.com/platform_install/platform_install/reference_host_system_security_exceptions.html. |
| ℹ️ Check |
|---|
| Consult with the Tanium System Administrator to determine the file-level encryption software used on the Tanium Server. Review the settings for the file-level encryption software. Validate exclusions exist that exclude the Tanium program files from being encrypted by the file-level encryption software. If exclusions do not exist, this is a finding. |
| ✔️ Fix |
|---|
| Implement excluding policies within the file-level encryption software solution to exclude encryption of the Tanium Server program files. |