STIGs Search Compare About

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
Compare Versions

Resources

About
VPAT
DISA STIG Library

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← Back to STIGs

AvePoint DocAve 6 Security Technical Implementation Guide

Version

V1R2

Benchmark ID

AvePoint_DocAve_6_STIG

Total Checks

9

Tags

other

CAT I: 3CAT II: 6CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKL Export CSV Export JSON

Checks (9)

V-253510MEDIUMDocAve must limit the number of concurrent sessions to an organization-defined number for all accounts and/or account types.V-253511MEDIUMDocAve must initiate a session lock after a 15-minute period of inactivity.V-253512HIGHDocAve must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.V-253513MEDIUMDocAve must provide automated mechanisms for supporting account management functions.V-253514MEDIUMDocAve must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments.V-253515HIGHDocAve must use multifactor authentication for network access to privileged accounts.V-253516HIGHThe underlying IIS platform must be configured for Smart Card (CAC) Authorization.V-253517MEDIUMDocAve must control remote access methods.V-253518MEDIUMDocAve must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions.