7.9 Ensure that mobile devices require complex passwords (Type = Alphanumeric)

Information

You should require your users to use a complex password with at least two character sets (letters and numbers, for example) to unlock their mobile devices.

Rationale:

Devices without this protection are vulnerable to physical access by attackers, who can then steal account credentials or data, or install malware on the device.

Impact:

This setting will have a moderate user impact.

Solution

To set mobile device management profiles, use the Microsoft 365 Admin Center:

Under Admin Centers select Endpoint Management.

Select Devices and then under Policy select Configuration profiles.

Select Create profile.

Set a Name for the policy, choose the appropriate Platform and select Device restrictions.

In the Password section, ensure that Required password type is set to Alphanumeric.
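To verify the result across platforms, the following added example (not part of the CIS benchmark or any Microsoft tooling) audits an offline JSON export of configuration profiles. The property names and values are assumed to follow Microsoft Graph's device configuration resources, and the sample export is constructed.

```python
import json

# Assumed Microsoft Graph property names for the "Required password type" setting.
PASSWORD_TYPE_FIELDS = ("passwordRequiredType", "passcodeRequiredType")
# Assumption: the stricter symbol variant also satisfies "Alphanumeric".
COMPLIANT_TYPES = {"alphanumeric", "alphanumericWithSymbols"}

# Constructed sample export, not real tenant data.
SAMPLE_EXPORT = json.loads("""
[
  {"displayName": "Android restrictions", "passwordRequiredType": "alphanumeric"},
  {"displayName": "iOS restrictions", "passcodeRequiredType": "numeric"},
  {"displayName": "Windows restrictions", "passwordRequiredType": "deviceDefault"},
  {"displayName": "Corp Wi-Fi", "ssid": "example-ssid"}
]
""")

def password_settings(profile):
    """Return {field: value} for the password-type fields the profile carries."""
    return {f: profile.get(f) for f in PASSWORD_TYPE_FIELDS if f in profile}

def audit_profiles(profiles):
    """List (profile name, finding) for profiles whose password type fails the control."""
    findings = []
    for profile in profiles:
        name = profile.get("displayName", "<unnamed>")
        for field, value in password_settings(profile).items():
            if value not in COMPLIANT_TYPES:
                findings.append((name, f"{field}={value}"))
    return findings

def control_passes(profiles):
    """Pass only if some profile sets a password type and none sets a weak one."""
    covered = any(password_settings(p) for p in profiles)
    return covered and not audit_profiles(profiles)

if __name__ == "__main__":
    for name, finding in audit_profiles(SAMPLE_EXPORT):
        print(f"FAIL {name}: {finding}")
    print("control 7.9:", "PASS" if control_passes(SAMPLE_EXPORT) else "FAIL")
```

Profiles that carry no password setting (the Wi-Fi profile in the sample) are ignored rather than flagged, and a tenant with no password-setting profile at all fails the check.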

Default Value:

This setting is not enabled by default.

See Also

https://workbench.cisecurity.org/files/4073

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1), CSCv7|4.4, CSCv7|5

Plugin: microsoft_azure

Control ID: 2bf1fb0673acce03e91464cdd485a12cfeba2502e5864e0ebcebe4693963b733