STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 6 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Unified Endpoint Management Agent Security Requirements Guide

V-234248

CAT I (High)

All UEM Agent cryptography supporting DOD functionality must be FIPS 140-2/140-3 validated.

Rule ID

SV-234248r1137986_rule

STIG

Unified Endpoint Management Agent Security Requirements Guide

Version

V2R1

CCIs

CCI-002450

Discussion

Unapproved cryptographic algorithms cannot be relied on to provide confidentiality or integrity, and DOD data could be compromised as a result. The most common vulnerabilities with cryptographic modules are those associated with poor implementation. FIPS 140-2/140-3 validation provides assurance that the relevant cryptography has been implemented correctly. FIPS 140-2/140-3 validation is also a strict requirement for use of cryptography in the federal government for protecting unclassified data. This requirement also applies to Zero Trust initiatives. Satisfies: FCS Reference: PP-UEM-404200

Check Content

Verify all UEM Agent cryptography supporting DOD functionality is FIPS 140-2/140-3 validated.

If all UEM Agent cryptography supporting DOD functionality is not FIPS 140-2/140-3 validated, this is a finding.

Fix Text

Configure the UEM Agent cryptography supporting DOD functionality for FIPS 140-2/140-3 mode.