Title

Mobile OS devices (smartphones/tablets) must have a system integrity validation application installed or have validation scanning, using a PC based tool, completed on the required schedule. (Cat II impact)

Discussion

The purpose of this scan is to determine if there has been an unexplained change in the mobile OS file system that may indicate the device has been compromised by malware or by rooting the device.

Check Content

Detailed Policy Requirements: All site managed Android devices must be have the Fixmo Sentinel application integrity validation tool installed. Check Procedures: Interview the IAO and Android device Administrator. Verify the Fixmo Sentinel application is installed on site Android mobile devices. Select 4-5 Android site managed Android devices to review. For each device, have the user log into the device. Go to Settings > Applications > Manage applications. To view the list of applications on the smartphone select “All”. To view a list of applications on the SD media card select “On SD card”. Verify Sentinel is listed as an installed application. Mark as a finding if Sentinel is not installed.

Fix Text

Install Fixmo Sentinel on all site managed mobile devices.

Additional Identifiers

Rule ID: SV-39856r1_rule

Vulnerability ID: V-30248

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.