Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-92865 | KNOX-09-000130 | SV-102953r1_rule | Medium |
Description |
---|
Forcing all applications to be installed from authorized application repositories can prevent unauthorized and malicious applications from being installed and executed on mobile devices. Allowing such installations and executions could cause a compromise of DoD data accessible by these unauthorized/malicious applications. SFR ID: FMT_SMF_EXT.1.1 #8a |
STIG | Date |
---|---|
Samsung OS 9 with Knox 3.x COBO Use Case KPE(AE) Deployment Security Technical Implementation Guide | 2020-02-24 |
Check Text ( C-92171r1_chk ) |
---|
Review device configuration settings to confirm that installation from unauthorized application repositories is disallowed. This procedure is performed on both the MDM Administration console and the Samsung Android device. On the MDM console, for the device, in the "Android user restrictions" group, verify that "disallow install unknown sources" is selected. On the Samsung Android device, do the following: 1. Open Settings. 2. Tap "Apps". 3. Tap the Overflow menu (three vertical dots). 4. Tap "Special Access". 5. Tap "Install unknown apps". 6. Tap a listed app. 7. Verify that "Allow from this source" cannot be enabled. If on the MDM console "disallow install unknown sources" is not selected, or on the Samsung Android device the user can enable "allow from this source" for an app, this is a finding. |
Fix Text (F-99109r1_fix) |
---|
Configure Samsung Android to disallow installation from unauthorized application repositories. On the MDM console, for the device, in the "Android user restrictions" group, select "disallow install unknown sources". |