Check: GOOG-13-801000
Google Android 13 MDFPP 3.3 BYOAD STIG:
GOOG-13-801000
(in version v1 r1)
Title
The Google Android 13 BYOAD must be configured so that the work profile is removed if the device is no longer receiving security or software updates. (Cat II impact)
Discussion
When a BYOAD is out of compliance, DOD data and apps must be removed to protect against compromise of sensitive DOD information. Reference: DOD policy "Use of Non-Government Mobile Devices" (3.b.(1)ii). SFR ID: FMT_SMF_EXT.1.1 #47
Check Content
Verify the EMM system is configured to wipe the work profile if the Google Android 13 BYOAD is no longer receiving security or software updates. The exact procedure will depend on the EMM system used at the site. If the EMM system is not configured to wipe the work profile if the Google Android 13 BYOAD is no longer receiving security or software updates, this is a finding.
Fix Text
Configure the EMM system so the work profile is removed if the Google Android 13 BYOAD is no longer receiving security or software updates. The exact procedure will depend on the EMM system used at the site.
Additional Identifiers
Rule ID: SV-258468r929220_rule
Vulnerability ID: V-258468
Group Title: PP-BYO-000100
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |