STIGQter: STIG Summary: Samsung Android OS 9 with Knox 3.x COPE Use Case KPE(Legacy) Deployment Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 24 Jul 2020: STIGQter: STIG Summary: Samsung Android OS 9 with Knox 3.x COPE Use Case KPE(Legacy) Deployment Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 24 Jul 2020:SV-103963r1_rule
V-93877
PP-MDF-991000
KNOX-09-000415
CAT II
10
Configure Samsung Android Workspace to lock after 15 minutes (or less) of inactivity.
On the MDM console, for the Workspace, in the "Knox password constraints" group, set the "maximum time to lock" to 15 minutes.
Review the Samsung Android Workspace configuration settings to confirm that the Workspace is locked after 15 minutes (or less) of inactivity.
This procedure is performed on both the MDM Administration console and the Samsung Android device.
On the MDM console, for the Workspace, in the "Knox password constraints" group, verify that "maximum time to lock" is set to 15 minutes.
On the Samsung Android device, do the following:
1. Tap any app on the "Workspace" App screen.
2. Refrain from using the device for 15 minutes.
3. Verify that the device requires the user to enter the Workspace password to access any app on the "Workspace" App screen.
If on the MDM console "maximum time to lock" is not set to "15" minutes or less, or the Samsung Android Workspace does not lock after 15 minutes, this is a finding.
Note: If "When screen turns off" is selected in the Samsung Android Workspace setting Workspace >> Auto lock Workspace, the Workspace will not lock until the screen turns off, regardless of the maximum lock timeout.
V-93877
False
KNOX-09-000415
Review the Samsung Android Workspace configuration settings to confirm that the Workspace is locked after 15 minutes (or less) of inactivity.
This procedure is performed on both the MDM Administration console and the Samsung Android device.
On the MDM console, for the Workspace, in the "Knox password constraints" group, verify that "maximum time to lock" is set to 15 minutes.
On the Samsung Android device, do the following:
1. Tap any app on the "Workspace" App screen.
2. Refrain from using the device for 15 minutes.
3. Verify that the device requires the user to enter the Workspace password to access any app on the "Workspace" App screen.
If on the MDM console "maximum time to lock" is not set to "15" minutes or less, or the Samsung Android Workspace does not lock after 15 minutes, this is a finding.
Note: If "When screen turns off" is selected in the Samsung Android Workspace setting Workspace >> Auto lock Workspace, the Workspace will not lock until the screen turns off, regardless of the maximum lock timeout.
M
3509