Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Samsung Android must be configured to prevent users from adding personal email accounts to the work email app.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-258648 | KNOX-14-110230 | SV-258648r931144_rule | Medium |
| Description |
|---|
| If the user is able to add a personal email account (POP3, IMAP, EAS) to the work email app, it could be used to forward sensitive DOD data to unauthorized recipients. Restricting email account addition to the Administrator or allowlisted accounts mitigates this vulnerability. SFR ID: FMT_MOF_EXT.1.2 #47 |
| STIG | Date |
|---|---|
| Samsung Android OS 14 with Knox 3.x COBO Security Technical Implementation Guide | 2023-10-18 |
Details
| Check Text ( C-62388r931142_chk ) |
|---|
| Review the configuration to determine if the Samsung Android devices are preventing users from adding personal email accounts to the work email app. On the management tool, in the device restrictions section, verify "Modify accounts" is set to "Disallow". On the Samsung Android device: 1. Open Settings >> Accounts and backup >> Manage accounts. 2. Verify no account can be added. If on the management tool "Modify accounts" is not set to "Disallow", or on the Samsung Android device an account can be added, this is a finding. |
| Fix Text (F-62297r931143_fix) |
|---|
| Configure the Samsung Android devices to prevent users from adding personal email accounts to the work email app. On the management tool, in the device restrictions, set "Modify accounts" to "Disallow". |