Omnissa Workspace ONE UEM STIG Y26M05 Checklist Details (Checklist Revisions)
Supporting Resources:
-
Download Standalone XCCDF 1.1.4 - Omnissa Workspace ONE UEM STIG
- Defense Information Systems Agency
Target:
| Target | CPE Name |
|---|---|
| Omnissa Workspace ONE UEM (Unified Endpoint Management) | cpe:/a:omnissa:workspace_one_uem:- (View CVEs) |
Checklist Highlights
- Checklist Name:
- Omnissa Workspace ONE UEM STIG
- Checklist ID:
- 1343
- Version:
- Y26M05
- Type:
- Compliance
- Review Status:
- Candidate
- Authority:
- Governmental Authority: Defense Information Systems Agency
- Original Publication Date:
- 07/02/2026
Checklist Summary:
The Omnissa WS1 UEM STIG provides security policy and configuration requirements for the use of the WS1 UEM Server platform to provide administrative management of mobile operating system (MOS) devices and desktop operating systems in the Department of War (DoW). This STIG applies to the Software as a Service (SaaS) Federal Risk and Authorization Management Program (FedRAMP) and the partner-deployed Omnissa Sovereign Solution (OSS) versions of WS1 UEM. Refer to https://www.omnissa.com/trust-center/compliance/fedramp/ for more information on the status of the WS1 UEM FedRAMP certifications. The scope of this STIG includes both mobile operating systems (Apple iOS/iPadOS, Google Android, and Samsung Android devices) and desktop operating systems (Windows and MacOS). Note: This STIG assumes the Cloud Service Provider (CSP) has implemented the Cloud SRG.
Checklist Role:
- Database Management System
Known Issues:
Not provided.
Target Audience:
Parties within the DoW and federal government’s computing environments can obtain the applicable STIG from the DoW Cyber Exchange website at https://cyber.mil/. This site contains the latest copies of STIGs, SRGs, and other related security information. Those without a Common Access Card (CAC) that has DoW Certificates can obtain the STIG from https://public.cyber.mil/.
Target Operational Environment:
- Managed
- Specialized Security-Limited Functionality (SSLF)
Testing Information:
Not provided.
Regulatory Compliance:
This document is provided under the authority of DODI 8500.01.
Comments/Warnings/Miscellaneous:
All technical NIST SP 800-53 requirements were considered while developing this STIG. Requirements that are applicable and configurable will be included in the final STIG. A report marked Controlled Unclassified Information (CUI) will be available for items that did not meet requirements. This report will be available to component authorizing official (AO) personnel for risk assessment purposes by request via email to: [email protected].
Disclaimer:
Not provided.
Product Support:
Comments or proposed revisions to this document should be sent via email to the following address: [email protected]. DISA will coordinate all change requests with the relevant DoW organizations before inclusion in this document. Approved changes will be made in accordance with the DISA maintenance release schedule.
Point of Contact:
Sponsor:
Not provided.
Licensing:
Not provided.
Change History:
Dependency/Requirements:
| URL | Description |
|---|
References:
| Reference URL | Description |
|---|
NIST checklist record last modified on 07/06/2026
* This checklist is still undergoing review for inclusion into the NCP.
