STIGQter: STIG Summary: Samsung Android OS 9 with Knox 3.x COPE Use Case KPE(AE) Deployment Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Apr 2020:

Samsung Android must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [DoD-approved commercial app repository, MDM server, mobile application store]: - disallow unknown app installation sources.

DISA Rule

SV-103845r1_rule

Vulnerability Number

V-93759

Group Title

PP-MDF-301080

Rule Version

KNOX-09-000130

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-001806 - The organization defines methods to be employed to enforce the software installation policies.

Weight

10

Fix Recommendation

Configure Samsung Android to disallow installation from unauthorized application repositories.

On the MDM console, for the device, in the "Android user restrictions" group, select "disallow install unknown sources".

Check Contents

Review device configuration settings to confirm that installation from unauthorized application repositories is disallowed.

This procedure is performed on both the MDM Administration console and the Samsung Android device.

On the MDM console, for the device, in the "Android user restrictions" group, verify that "disallow install unknown sources" is selected.

On the Samsung Android device, do the following:
1. Open Settings.
2. Tap "Apps".
3. Tap the Overflow menu (three vertical dots).
4. Tap "Special Access".
5. Tap "Install unknown apps".
6. Tap a listed app.
7. Verify that "Allow from this source" cannot be enabled.

If on the MDM console "disallow install unknown sources" is not selected, or on the Samsung Android device the user can enable "allow from this source" for an app, this is a finding.

Vulnerability Number

V-93759

Documentable

False

Rule Version

KNOX-09-000130

Severity Override Guidance

Review device configuration settings to confirm that installation from unauthorized application repositories is disallowed.

This procedure is performed on both the MDM Administration console and the Samsung Android device.

On the MDM console, for the device, in the "Android user restrictions" group, verify that "disallow install unknown sources" is selected.

On the Samsung Android device, do the following:
1. Open Settings.
2. Tap "Apps".
3. Tap the Overflow menu (three vertical dots).
4. Tap "Special Access".
5. Tap "Install unknown apps".
6. Tap a listed app.
7. Verify that "Allow from this source" cannot be enabled.

If on the MDM console "disallow install unknown sources" is not selected, or on the Samsung Android device the user can enable "allow from this source" for an app, this is a finding.

Check Content Reference

M

Target Key

3507

Comments