By Bob Gourley
The Mobile Device Management (MDM) Security Requirements Guide (SRG) is one in a family of SRGs addressing mobility solutions. Other mobility SRGs include the Mobile Operating System SRG, Mobile Applications SRG, and the Mobile Policy SRG. DISA and DoD guidance is that any organization designing or implementing an enterprise mobile solution within DoD must consider all of the mobility SRGs together to ensure compliance. So this guidance is a pretty big deal for a pretty big organization.
You can find this and all other DISA/DoD security requirements guides for mobile solutions at: http://iase.disa.mil/stigs/net_perimeter/wireless/smartphone.html
More background: The Mobile Policy SRG is one of a family of four Mobility SRGs that must be considered together when implementing an enterprise mobility solution within DoD.
• The Mobile Operating System (MOS) SRG addresses security for the operating system installed on mobile devices, primarily in the smartphone and tablet form factor, and maps to the IA controls in the core OS SRG.
• The Mobile Device Management (MDM) SRG addresses centralized management of mobile operating systems and applications. The MDM SRG also covers aspects of device integrity verification and enterprise email. The IA controls in the MDM SRG map to the IA controls in the core Applications SRG.
• The Mobile Applications SRG addresses the security of applications that run on mobile OS. The IA controls in the Mobile Applications SRG also map to the IA controls in the core Applications SRG.
• The Mobile Policy SRG addresses management, operational, personnel, and physical security controls related to mobile devices. The IA controls in the Mobile Policy SRG map to the IA controls in the core Policy SRG.
Find them all at: http://iase.disa.mil/stigs/net_perimeter/wireless/smartphone.html