Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-231035 | KNOX-11-009800 | SV-231035r608683_rule | Medium |
Description |
---|
NOTE: This requirement is only applicable to Samsung tablets. Multi-user mode allows multiple users to share a mobile device by providing a degree of separation between user data. To date, no mobile device with multi-user mode features meets DoD requirements for access control, data separation, and non-repudiation for user accounts. In addition, the MDFPP does not include design requirements for multi-user account services. Disabling multi-user mode mitigates the risk of not meeting DoD multi-user account security policies. SFR ID: FMT_SMF_EXT.1.1 #47b |
STIG | Date |
---|---|
Samsung Android 11 with Knox 3.x Legacy Security Technical Implementation Guide | 2020-12-08 |
Check Text ( C-33965r592719_chk ) |
---|
Review Samsung Android configuration settings to determine if multi-user mode is disabled. This validation procedure is performed on both the management tool Administration Console and the Samsung Android device. On the management tool, in the device Multiuser section, verify that "Multi-user mode" is set to "Disallow". On the Samsung Android device, open Settings and verify that the "User" setting is not listed. If on the management tool "Multi-user mode" is not set to "Disallow", or on the Samsung Android device the "User" setting is available, this is a finding. |
Fix Text (F-33938r592720_fix) |
---|
Configure Samsung Android to disable multi-user modes. On the management tool, in the device Multiuser section, set "Multi-user mode" to "Disallow". |