Samsung Knox Android must lock the container after 15 minutes of inactivity.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-49687 | KNOX-24-012110 | SV-62623r1_rule | Medium |
| Description |
|---|
| Having a session lock after an idle time helps protect the device from unauthorized access. The idle time is a window of opportunity for adversaries who gain physical access to the mobile device through loss, theft, etc. Devices that do not initiate a session lock after a period of time are much more likely to be in an unlocked state when acquired by an adversary, thus granting immediate access to the data on the mobile device. SFR ID: FTA_SSL_EXT.1.1(1) |
| STIG | Date |
|---|---|
| Samsung Android (with Knox 1.x) STIG | 2014-04-22 |
Details
| Check Text ( C-51573r1_chk ) |
|---|
| This validation procedure is performed on both the MDM Administration Console and the Samsung Knox Android device. Check whether the appropriate setting is configured on the MDM Administration Console: 1. Ask the MDM administrator to display the "Max Time to Lock" setting in the "Android Knox Container Password Restrictions" rule. 2. Verify the value of the setting is 15 minutes or less. On the Samsung Knox Android device: 1. Open the Knox Container. 2. Refrain from using the Knox Container for 15 minutes. 3. Verify the that container applications are no longer accessible. If the selected value is larger than 15 minutes, or if the Knox container does not lock after 15 minutes, this is a finding. |
| Fix Text (F-53203r1_fix) |
|---|
| Configure the OS to initiate a session lock after a time period of inactivity. Configure the mobile operating system to lock the device after no more than 15 minutes of inactivity. On the MDM Administration Console, configure the "Max Time to Lock" option to 15 minutes in the "Android Password Restrictions" rule. |