Check: KNOX-09-000130
Samsung OS 9 with Knox 3.x COBO Use Case KPE(AE) Deployment STIG:
KNOX-09-000130
(in versions v1 r4 through v1 r1)
Title
Samsung Android must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [DoD-approved commercial app repository, MDM server, mobile application store]: - disallow unknown app installation sources. (Cat II impact)
Discussion
Forcing all applications to be installed from authorized application repositories can prevent unauthorized and malicious applications from being installed and executed on mobile devices. Allowing such installations and executions could cause a compromise of DoD data accessible by these unauthorized/malicious applications. SFR ID: FMT_SMF_EXT.1.1 #8a
Check Content
Review device configuration settings to confirm that installation from unauthorized application repositories is disallowed. This procedure is performed on both the MDM Administration console and the Samsung Android device. On the MDM console, for the device, in the "Android user restrictions" group, verify that "disallow install unknown sources" is selected. On the Samsung Android device, do the following: 1. Open Settings. 2. Tap "Apps". 3. Tap the Overflow menu (three vertical dots). 4. Tap "Special Access". 5. Tap "Install unknown apps". 6. Tap a listed app. 7. Verify that "Allow from this source" cannot be enabled. If on the MDM console "disallow install unknown sources" is not selected, or on the Samsung Android device the user can enable "allow from this source" for an app, this is a finding.
Fix Text
Configure Samsung Android to disallow installation from unauthorized application repositories. On the MDM console, for the device, in the "Android user restrictions" group, select "disallow install unknown sources".
Additional Identifiers
Rule ID: SV-217664r617471_rule
Vulnerability ID: V-217664
Group Title: PP-MDF-301080
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
CCI-001806 |
The organization defines methods to be employed to enforce the software installation policies. |