Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Google Android 11 must allow only the Administrator (EMM) to perform the following management function: enable/disable location services.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-228623 | GOOG-11-005200 | SV-228623r505868_rule | Low |
| Description |
|---|
| If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses unacceptable risk to DoD information systems. An adversary could exploit vulnerabilities created by the weaker configuration to compromise DoD sensitive information. SFR ID: FMT_MOF_EXT.1.2 #22 |
| STIG | Date |
|---|---|
| Google Android 11 COPE Security Technical Implementation Guide | 2020-09-18 |
Details
| Check Text ( C-30858r505866_chk ) |
|---|
| Review Google Android device configuration settings to determine if the mobile device has location services on/off. This validation procedure is performed on both the EMM Administration Console and the Android 11 device. On the EMM console, do the following: 1. Open "Set user restrictions on parent". 2. Verify that "Disallow config location" is toggled to On. 3. Verify that "Disallow share location" is toggled to On. On the Google device, do the following: 1. Open Settings >> Location. 2. Validate that Location Services is off for Work and Personal. If the mobile device has location services enabled, this is a finding. |
| Fix Text (F-30835r505867_fix) |
|---|
| Configure the Google Android 11 device to enable/disable location services. On the EMM console: 1. Open "Set user restrictions on parent". 2. Toggle "Disallow config location" to On. 3. Toggle "Disallow share location" to On. |