UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

CylancePROTECT Mobile malware detection must be configured with the following compliance actions for nonsystem apps (Android only): -Prompt for compliance: Immediate enforcement action. -Prevent the user from accessing work resources and apps on the device while it is out of compliance. -Prevent the user from accessing BlackBerry Dynamics apps while the device is out of compliance.


Overview

Finding ID Version Rule ID IA Controls Severity
V-257261 BBCP-00-012700 SV-257261r918367_rule Medium
Description
When a compliance failure is detected, compliance actions must be implemented immediately to limit exposure of sensitive data and unauthorized access to the mobile device.
STIG Date
BlackBerry CylancePROTECT Mobile for UEM Security Technical Implementation Guide 2023-11-21

Details

Check Text ( C-60945r918365_chk )
Verify the following compliance actions are enabled when malware is detected for nonsystem apps (Android only):
-Prompt for compliance: Immediate enforcement action.
-Prevent the user from accessing work resources and apps on the device while it is out of compliance.
-Prevent the user from accessing BlackBerry Dynamics apps while the device is out of compliance.

1. Log on to the BlackBerry UEM console.
2. Select Policies and profiles >> Compliance >> Compliance.
3. Select a compliance profile to review.
4. On the Android tab in the BlackBerry Protect section, verify:
a. The "Malicious app package detected" box is selected.
b. In the Prompt for compliance box, verify "Immediate enforcement action" is selected.
c. In the "Enforcement action for device" drop-down list, verify "Untrust" is selected.
d. In the "Enforcement action for BlackBerry Dynamics apps" drop-down list, verify "Do not allow BlackBerry Dynamics apps to run" is selected.

If required compliance actions when malware is detected for nonsystem apps are not configured, this is a finding.
Fix Text (F-60887r918366_fix)
Configure the following compliance actions when malware is detected for nonsystem apps (Android only):
-Prompt for compliance: Immediate enforcement action.
-Prevent the user from accessing work resources and apps on the device while it is out of compliance.
-Prevent the user from accessing BlackBerry Dynamics apps while the device is out of compliance.

1. Log on to the BlackBerry UEM console.
2. Select Policies and profiles >> Compliance >> Compliance.
3. Create a new compliance profile or select and edit an existing compliance profile.
4. On the Android tab in the BlackBerry Protect section, do the following:
a. Select the "Malicious app package detected" check box.
b. Configure the behavior prompt settings: Prompt for compliance: "Immediate enforcement action".
c. In the "Enforcement action for device" drop-down list, select "Untrust" (work resources and apps cannot be accessed).
d. In the "Enforcement action for BlackBerry Dynamics apps" drop-down list, select "Do not allow BlackBerry Dynamics apps to run".
5. Click "Save".
6. Assign the profile to users and groups.