STIGQter: STIG Summary: Google Android 9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 23 Aug 2019:

The Google Android Pie must be configured to lock the display after 15 minutes (or less) of inactivity.

DISA Rule

SV-106415r1_rule

Vulnerability Number

V-97311

Group Title

PP-MDF-301040

Rule Version

GOOG-09-000400

Severity

CAT II

CCI(s)

• CCI-000057 - The information system initiates a session lock after the organization-defined time period of inactivity.

Weight

10

Fix Recommendation

Configure the Google Android device to lock the device display after 15 minutes (or less) of inactivity.

On the MDM Console:
1. Open password requirements.
2. Open device password section.
3. Set "Device Lock Timeout" to any number between 1 and 15.

Check Contents

Review Google Android device configuration settings to determine if the mobile device has the screen lock timeout set to 15 minutes or less.

This validation procedure is performed on both the MDM Administration Console and the Android Pie device.

On the MDM console, do the following:

1. Open passcode requirements
2. Open device passcode section
3. Ensure "Device Lock Timeout" to any number between 1 and 15

On the Android Pie device, do the following:
1. Open settings >> Security & location
2. Click the "gear" icon next to "Screen lock"
3. Ensure "Automatically lock" is set to between 0 and 15 minutes

If the MDM console device policy is not set to 15 minutes or less for the screen lock timeout or on the Android Pie device, the device policy is not set to 15 minutes or less for the screen lock timeout, this is a finding.

Vulnerability Number

V-97311

Documentable

False

Rule Version

GOOG-09-000400

Severity Override Guidance

Review Google Android device configuration settings to determine if the mobile device has the screen lock timeout set to 15 minutes or less.

This validation procedure is performed on both the MDM Administration Console and the Android Pie device.

On the MDM console, do the following:

1. Open passcode requirements
2. Open device passcode section
3. Ensure "Device Lock Timeout" to any number between 1 and 15

On the Android Pie device, do the following:
1. Open settings >> Security & location
2. Click the "gear" icon next to "Screen lock"
3. Ensure "Automatically lock" is set to between 0 and 15 minutes

If the MDM console device policy is not set to 15 minutes or less for the screen lock timeout or on the Android Pie device, the device policy is not set to 15 minutes or less for the screen lock timeout, this is a finding.

Check Content Reference

M

Target Key

3499

Comments