None Computing title Citrix Virtual Apps and Desktop 7.x Workspace App Security Technical Implementation Guide version 1 releaseinfo Release: 2 Vuln_Num V-234262 Rule_ID SV-234262r640183_rule Severity medium Rule_Title Citrix Workspace must accept Personal Identity Verification (PIV) credentials. Vuln_Discuss The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access.<br /><br />DoD has mandated the use of the Common Access Card (CAC) to support identity management and personal authentication for systems covered under HSPD 12, as well as a primary component of layered protection for national security systems.<br /><br />Satisfies: SRG-APP-000391, SRG-APP-000392 Check_Content Verify the policy value for Administrative Templates >> Citrix Components >> Citrix Workspace >> User authentication >> "Smart card authentication" is not set to "Disabled". For this setting, "Not Configured" is equivalent to "Enabled".<br /><br />If the "Smart card authentication" policy is set to "Disabled", this is a finding. Fix_Text Set the policy value for Administrative Templates >> Citrix Components >> Citrix Workspace >> User authentication >> "Smart card authentication" to "Enabled" and check the "Allow smart card authentication" box. <br /><br />If the environment leverages PIN pass-through, also check the "Use pass-through authentication for PIN" box. Not_Reviewed