
Microsoft Android 11 must allow the Administrator (EMM) to perform the following management function: Wipe Enterprise data.


Overview

Finding ID: V-255221
Version: MSFT-11-005400
Rule ID: SV-255221r870833_rule
IA Controls:
Severity: Medium
Description
When a user's device is lost or stolen, it is useful to remotely wipe it as soon as possible to avoid loss of DOD sensitive information. The Administrator must have the capability to force a wipe on a lost or stolen device to reduce the risk of compromise of sensitive DOD data. This capability mitigates that risk.

SFR ID: FMT_SMF_EXT.1.1 #28
STIG Date
Microsoft Android 11 COPE Security Technical Implementation Guide 2022-11-14

Details

Check Text (C-58834r870761_chk)
Review Microsoft Android device configuration settings to determine if the mobile device function to wipe Enterprise data works.

This validation procedure is performed on both the EMM Administration console and the Android 11 device.

On the EMM console:
1. Open "Managed work profile specific policies".
2. Select "Remove work profile".

On the Android 11 device, do the following:
Verify the work profile has been removed from the Android 11 device.

If the EMM cannot wipe enterprise data (work profile), this is a finding.
Fix Text (F-58778r870762_fix)
Use the following procedure to wipe Enterprise data on a Microsoft Android 11 device (when required).

On the EMM console:
1. Open "Managed work profile specific policies".
2. Select "Remove work profile".