Check: GOOG-13-800300
Google Android 13 MDFPP 3.3 BYOAD STIG:
GOOG-13-800300
(in version v1 r1)
Title
The EMM system supporting the Google Android 13 BYOAD must be configured to initiate autonomous monitoring, compliance, and validation prior to granting the Google Android 13 BYOAD access to DOD information and IT resources. (Cat II impact)
Discussion
DOD policy requires BYOAD devices with DOD data be managed by a DOD MDM server, MAM server, or VMI system. This ensures the device can be monitored for compliance with the approved security baseline and the work profile can be removed when the device is out of compliance, which protects DOD data from unauthorized exposure. Reference: DOD policy "Use of Non-Government Mobile Devices" (3.a.(3)iii). SFR ID: FMT_SMF_EXT.1.1 #47
Check Content
Verify the EMM system supporting the Google Android 13 BYOAD has been configured to initiate autonomous monitoring, compliance, and validation prior to granting the BYOAD access to DOD information and IT resources. The exact procedure will depend on the EMM system used at the site. If the EMM system supporting the Google Android 13 BYOAD has not been configured to initiate autonomous monitoring, compliance, and validation prior to granting the BYOAD access to DOD information and IT resources, this is a finding.
Fix Text
Configure the EMM system supporting the Google Android 13 BYOAD to initiate autonomous monitoring, compliance, and validation prior to granting the BYOAD access to DOD information and IT resources. The exact procedure will depend on the EMM system used at the site.
Additional Identifiers
Rule ID: SV-258462r929202_rule
Vulnerability ID: V-258462
Group Title: PP-BYO-000030
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |