The Google Android Pie must be configured to disable developer modes.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-97327 | GOOG-09-002800 | SV-106431r1_rule | Medium |
| Description |
|---|
| Developer modes expose features of the Google Android device that are not available during standard operation. An adversary may leverage a vulnerability inherent in a developer mode to compromise the confidentiality, integrity, and availability of DoD sensitive information. Disabling developer modes mitigates this risk. SFR ID: FMT_SMF_EXT.1.1 #26 |
| STIG | Date |
|---|---|
| Google Android 9.x Security Technical Implementation Guide | 2019-08-28 |
Details
| Check Text ( C-96163r1_chk ) |
|---|
| Review Google Android device configuration settings to determine whether a developer mode is enabled. This validation procedure is performed on both the MDM Administration Console and the Android Pie device. On the MDM console, do the following: 1. Open restrictions section. 2. Open Restrictions section. 3. Confirm that "Debugging Features" is set to Disallow. On the Android Pie device, do the following: 1. Go to Settings >> System 2. Ensure Developer Options is not listed. If the MDM console device policy is not set to disable developer mode or on the Android Pie device, the device policy is not set to disable developer mode, this is a finding. |
| Fix Text (F-103007r1_fix) |
|---|
| Configure the Google Android device to disable developer modes. On the MDM Console: 1. Open restrictions section. 2. Open Restrictions section. 3. Set "Debugging Features" to Disallow. |