Check: LGA6-99-100015
LG Android 6-x STIG:
LGA6-99-100015
(in versions v1 r2 through v1 r1)
Title
LG Android 6.x must be configured to implement the management settings: Disable Android Beam. (Cat II impact)
Discussion
Android Beam provides the capability for Android devices to transfer data between them. Data transfer is not encrypted using FIPS-validated encryption mechanisms. Sensitive DoD information could be compromised if Android beam is enabled. SFR ID: FMT_SMF_EXT.1.1 #45
Check Content
This validation procedure is performed on both the MDM Administration Console and the LG Android device. On the MDM console, do the following: 1. Ask the MDM administrator to display the "Allow Android Beam" setting in the MDM console. 2. Verify the setting for the Android Beam is disabled. 3. Verify the policy has been assigned to all groups. On the LG Android device: 1. Unlock the device. 2. Navigate to Settings >> General >> Share & connect. 3. Verify the Android Beam disabled and the following message is displayed: "Android Beam is disabled by server policy". If on the MDM console the "Allow Android Beam" setting is enabled or on the LG Android device Android Beam not disabled and the following message is not displayed: "Android Beam is disabled by server policy", this is a finding.
Fix Text
Configure the mobile device to disable Android Beam. On the MDM Administration Console, disable the "Allow Android Beam" setting.
Additional Identifiers
Rule ID: SV-81383r2_rule
Vulnerability ID: V-66893
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |