The smartphone device Wi-Fi radio must be disabled as the default setting and is enabled only when Wi-Fi connectivity is required.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-25020	WIR-MOS-AND-041	SV-34999r1_rule	ECWN-1	Low

Description
The Wi-Fi radio can be used by a hacker to connect to the smartphone without the knowledge of the user. Sensitive DoD data could be exposed and the hacker could use the device to attack the enclave.

STIG	Date
Android 2.2 (Dell) Security Technical Implementation Guide	2011-11-28

Details

Check Text ( C-34875r1_chk )
The user will never enable the Wi-Fi radio unless authorized to use Wi-Fi (User Based Enforcement (UBE)). If Wi-Fi use is authorized, the user should turn-off the smartphone Wi-Fi radio whenever Wi-Fi service is not needed. On a sample of site-managed Android devices (pick 3-4 random devices), verify the Wi-Fi radio is turned off. -Have the user turn on and log into the device. -Go to Settings > Wireless & networks > Wi-Fi. Wi-Fi should be turned off. Mark as a finding if configuration is not set as required.

Check Text ( C-34875r1_chk )

The user will never enable the Wi-Fi radio unless authorized to use Wi-Fi (User Based Enforcement (UBE)). If Wi-Fi use is authorized, the user should turn-off the smartphone Wi-Fi radio whenever Wi-Fi service is not needed.

On a sample of site-managed Android devices (pick 3-4 random devices), verify the Wi-Fi radio is turned off.

-Have the user turn on and log into the device.
-Go to Settings > Wireless & networks > Wi-Fi. Wi-Fi should be turned off.

Mark as a finding if configuration is not set as required.

Fix Text (F-27691r1_fix)
Disable the smartphone Wi-Fi radio unless authorized for use and only when Wi-Fi connectivity is required.