STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Samsung SDS EMM Security Technical Implementation Guide

V-225649

CAT I (High)

The Samsung SDS EMM server must be configured to use one-time password in addition to username and password for administrator logon to the server.

Rule ID

SV-225649r744410_rule

STIG

Samsung SDS EMM Security Technical Implementation Guide

Version

V1R3

CCIs

CCI-000015

Discussion

Two-factor authentication ensures strong authentication and access controls are in place for privileged accounts. But One-Time Passwords (OTP) do not meet DoD requirements that system administrators access privileged accounts via CAC authentication through a directory service (Active Directory). SFR ID: FIA

Check Content

Verify the EMM server has not been configured to use one-time password (OTP) for administrator logon to the server. 
 
On the MDM console, do the following: 
1.  Log into the SDS EMM console.
2.  Go to Setting >> Server >> Configuration >> Two-Factor Authentication.
3.  Verify Two-Factor Authentication is set to "No".
 
If the EMM server has not been configured to disable one-time-password (OTP) for administrator logon to the server, this is a finding.

Fix Text

Use the following procedure for configuring the use of OTP authentication on the EMM server: 
 
On the MDM console, do the following: 
1.  Log into the SDS EMM console.
2.  Go to Setting >> Server >> Configuration >> Two-Factor Authentication.
3.  Set Two-Factor Authentication to "No".
4.  Save setting.