UCF STIG Viewer Logo

The Samsung Android 7 with Knox must be configured to Disable Bixby.


Overview

Finding ID Version Rule ID IA Controls Severity
V-76613 KNOX-07-017800 SV-91309r1_rule Low
Description
On MOS devices, unauthorized users (may be able to) access the device's contact database or calendar to obtain phone numbers and other information using a human voice even when the mobile device is locked. Often this information is personally identifiable information (PII), which is considered sensitive. It could also be used by an adversary to profile the user or engage in social engineering to obtain further information from other unsuspecting users. SFR ID: FMT_SMF_EXT.1.1 #47
STIG Date
Samsung Android OS 7 with Knox 2.x Security Technical Implementation Guide 2019-10-01

Details

Check Text ( C-76283r1_chk )
Not Applicable if the AO has approved unmanaged personal space/container (COPE use case). The site must have an AO signed document showing the AO has assumed the risk for using an unmanaged personal container.

Review Samsung Android 7 with Knox configuration settings to determine if the mobile device is configured to disable Bixby.

This validation procedure is performed on both the MDM Administration Console and the Samsung Android 7 with Knox device.

On the MDM console, do the following:
1. Ask the MDM administrator to display the "Application disable list" setting in the "Android Application" rule.
2. Verify the list contains all Bixby related packages.

On the Samsung Android 7 with Knox device, do the following:
1. Press the Bixby hardware button.
2. Verify Bixby does not start.

If the Samsung Android 7 with Knox device starts Bixby when pressing the hardware Bixby button, this is a finding.
Fix Text (F-83307r1_fix)
Configure the Samsung Android 7 with Knox to disable Bixby.

On the MDM console, add all packages associated with the Bixby feature to the "Application disable list" setting in the "Android Applications" rule.

Note: Refer to the Supplemental document for additional information.