Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-48319 | KNOX-24-012100 | SV-61191r1_rule | Medium |
Description |
---|
Having a session lock after an idle time helps protect the device from unauthorized access. The idle time is a window of opportunity for adversaries who gain physical access to the mobile device through loss, theft, etc. Devices that do not initiate a session lock after a period of time are much more likely to be in an unlocked state when acquired by an adversary, thus granting immediate access to the data on the mobile device. SFR ID: FTA_SSL_EXT.1.1(1) |
STIG | Date |
---|---|
Samsung Android (with Knox 1.x) STIG | 2014-04-22 |
Check Text ( C-50751r2_chk ) |
---|
This validation procedure is performed on both the MDM Administration Console and the Samsung Knox Android device. Check whether the appropriate setting is configured on the MDM Administration Console: 1. Ask the MDM administrator to display the "Max Time to Lock" setting in the "Android Password Restrictions" rule. 2. Verify the value of the setting is 15 minutes or less. On the Samsung Knox Android device: 1. Unlock the device. 2. Refrain from performing any activity on the device for 15 minutes. 3. Verify the device requires the user to enter the device unlock password to access the device. If the user does not have to unlock the device after 15 minutes of inactivity, this is a finding. |
Fix Text (F-51927r2_fix) |
---|
Configure the mobile operating system to lock the device after no more than 15 minutes of inactivity. On the MDM Administration Console, configure the "Max Time to Lock" option to 15 minutes in the "Android Password Restrictions" rule. |