STIGQter: STIG Summary: Honeywell Android 9.x COBO Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 14 Jan 2021:

The Honeywell Android Pie must wipe all data upon unenrollment from MDM.

DISA Rule

SV-235053r626530_rule

Vulnerability Number

V-235053

Group Title

PP-MDF-302500

Rule Version

HONW-09-007150

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.
CCI-000370 - The organization employs automated mechanisms to centrally manage configuration settings for organization-defined information system components.
CCI-001033 - The organization defines circumstances requiring sanitization of portable storage devices prior to connecting such devices to the information system.

Weight

Fix Recommendation

On the MDM console:
Enable "Disallow remove managed profile".

Prior to unenrollment, the MDM administrator should issue a factory reset to ensure all data is wiped by doing the following in the MDM console:
Wipe data.

Check Contents

Review Honeywell Android device configuration settings to determine if the mobile device is configured to prohibit the user from unenrolling the Honeywell device from MDM management.

This validation procedure is performed only on the MDM Administration console.

On the MDM console:
Ensure "Disallow remove managed profile" is enabled.

If the MDM console device policy is not configured to prohibit the user from unenrolling the Honeywell device from MDM management, this is a finding.

Vulnerability Number

V-235053

Documentable

False

Rule Version

HONW-09-007150

Severity Override Guidance

Check Content Reference

Target Key

5275

The Honeywell Android Pie must wipe all data upon unenrollment from MDM.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments