Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-254795 | GOOG-13-010900 | SV-254795r959010_rule | Low |
Description |
---|
Many third-party keyboard applications are known to contain malware. SFR ID: FMT_SMF_EXT.1.1 #47 |
STIG | Date |
---|---|
Google Android 13 COPE Security Technical Implementation Guide | 2024-06-05 |
Check Text ( C-58406r862765_chk ) |
---|
Review the managed Google Android 13 configuration settings to confirm that no third-party keyboards are enabled. This procedure is performed on the EMM console. On the EMM console: COBO and COPE: 1. Open "Input methods". 2. Tap "Set input methods". 3. Verify only the approved keyboards are selected. If third-party keyboards are allowed, this is a finding. |
Fix Text (F-58352r862766_fix) |
---|
Configure the Google Android 13 device to disallow the use of third-party keyboards. On the EMM console: COBO and COPE: 1. Open "Input methods". 2. Tap "Set input methods". 3. Select only the approved keyboard. Additionally, Admins can configure application allowlists for Google Play that do not have any third-party keyboards for user installation. |