The Samsung KNOX for Android platform must be configured to enable Google Play Inside KNOX.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-69749 | KNOX-35-009005 | SV-84371r1_rule | Medium |
| Description |
|---|
| Forcing all applications to be installed from authorized application repositories can prevent unauthorized and malicious applications from being installed and executed on mobile devices. Allowing such installations and executions could cause a compromise of DoD data accessible by these unauthorized/malicious applications. SFR ID: FMT_SMF_EXT.1.1 #45 |
| STIG | Date |
|---|---|
| Samsung Android OS 6 (with KNOX 2.x) Security Technical Implementation Guide | 2016-11-14 |
Details
| Check Text ( C-70193r1_chk ) |
|---|
| This check procedure is performed on both the MDM Administration Console and the Samsung KNOX device. Check that the appropriate setting is configured on the MDM Administration Console. 1. Ask the MDM administrator to display the "Enable Google Play" setting in the "Android Restrictions" rule (work environment container). 2. Verify it is enabled. On the Samsung KNOX for Android device: 1. Attempt to locate the "Google Play" application inside the KNOX container. 2. Verify it is present inside the KNOX container. If the "Enable Google Play" is not enabled inside the KNOX container, this is a finding. Play for Work Inside KNOX is optional, and must be AO approved. If Play for Work Inside KNOX is not used, this requirement is NA. |
| Fix Text (F-75955r1_fix) |
|---|
| Configure the mobile operating system to enable Google Play Inside KNOX container only. On the MDM Administration Console, enable "Enable Google Play" in the "Android Restrictions" rule (work environment container). |