Good Mobility Suite Server (Android OS) Security Technical Implementation Guide

U_Good_Mobility_Suite_Android_2-2_V1R1_Manual-xccdf.xml

Version/Release: V1R1
Published: 2011-12-14
This STIG provides technical security controls required for the use of the Good Mobility Suite with Android 2.2 (Dell version) mobile operating system devices in the DoD environment.
Each rule is listed as Rule ID | Version | Severity, followed by its Title, Description, Responsibility and IA Controls.

SV-30809r2_rule | WIR-WMS-GD-001 | MEDIUM
Title: The required version of the smartphone management server, or a later version, must be used.
Description: Earlier versions of the smartphone management server may have security vulnerabilities or may not implement required security features.
Responsibility: System Administrator
IA Controls: ECSC-1

SV-30810r2_rule | WIR-WMS-GD-002 | MEDIUM
Title: The host server where the smartphone management server is installed must be hardened according to the appropriate Application STIG (SQL, Apache Web Server, Apache Tomcat, IIS, etc.).
Description: Wireless email services are installed on a Windows Server. The server must be compliant with the Windows STIG and the applicable Application STIGs to ensure the system is not vulnerable to an attack resulting in a denial of service or compromise of the wireless email server.
Responsibility: System Administrator
IA Controls: ECSC-1

SV-30811r2_rule | WIR-WMS-GD-003 | HIGH
Title: The smartphone management server email system must be set up with the required system components in the required network architecture.
Description: The wireless email server architecture must comply with the DoD environment because approval of the smartphone management server is contingent on installation with the correct settings. DoD enclaves could be at risk of penetration, or DoD data could be compromised, if the smartphone management server is not installed as required.
Responsibility: System Administrator
IA Controls: ECSC-1

SV-30812r2_rule | WIR-WMS-GD-004 | HIGH
Title: The smartphone management server host-based or appliance firewall must be installed and configured as required.
Description: A smartphone user could gain access to unauthorized network resources (application and content servers, etc.) if the smartphone management server host firewall is not set up as required.
Responsibility: System Administrator
IA Controls: ECSC-1

SV-30814r1_rule | WIR-WMS-GD-005 | HIGH
Title: Security controls must be implemented on the smartphone management server for connections to back-office servers and applications.
Description: The secure connection from the smartphone to the smartphone management server can be used by the smartphone user to connect to back-office servers and applications located on the enclave network. These connections bypass the network authentication controls set up on the enclave. Strong access controls on back-office servers are required to ensure DoD data is not exposed to users of the smartphone system who are not authorized to access those servers and applications.
Responsibility: System Administrator
IA Controls: ECSC-1

SV-30818r1_rule | WIR-WMS-GD-006 | LOW
Title: The smartphone management server must be configured to control HTML and RTF formatted email.
Description: HTML email and inline images in email can contain malware or links to web sites hosting malware.
Responsibility: System Administrator
IA Controls: ECWN-1

SV-30819r2_rule | WIR-WMS-GD-007 | MEDIUM
Title: Smartphone user accounts must not be assigned to the default security/IT policy.
Description: The default security/IT policy on the smartphone management server does not include most of the DoD-required security policies for data encryption, authentication, and access control. DoD enclaves are at risk of data exposure and attack if users are assigned the default (or any other non-STIG-compliant) security/IT policy.
Responsibility: System Administrator
IA Controls: ECSC-1

SV-30727r2_rule | WIR-GMMS-004 | LOW
Title: "Re-challenge for CAC PIN every" must be set.
Description: A user's CAC PIN or software certificate PIN is cached in memory on the device for a short period of time so the user does not have to re-enter the PIN every time the user's digital certificates are required for an S/MIME operation. The cached PIN is cleared after a set period of time to limit exposure of the digital certificates to unauthorized use. Otherwise, an attacker who gains access to the device while the PIN is still cached could access the Good application and, through it, sensitive DoD information.
Responsibility: System Administrator
IA Controls: ECSC-1

SV-39982r3_rule | WIR-WMS-GD-009-01 | LOW
Title: Handheld password must be set as required.
Description: Passwords that remain in use for a long time are more susceptible to compromise, which could lead to compromise of the smartphone and the sensitive DoD data stored on it.
Responsibility: System Administrator
IA Controls: ECWN-1, IAIA-1

SV-30822r2_rule | WIR-WMS-GD-009-02 | LOW
Title: Previously used passwords must be disallowed for the security/email client on the smartphone.
Description: Previously used passwords are more susceptible to compromise, which could lead to compromise of the smartphone and the sensitive DoD data stored on it.
Responsibility: System Administrator
IA Controls: ECWN-1, IAIA-1

SV-30823r2_rule | WIR-WMS-GD-009-03 | MEDIUM
Title: Password minimum length must be set as required for the smartphone security/email client.
Description: Short passwords can be easily determined by password cracking tools, which could lead to unauthorized access to the smartphone and exposure of sensitive DoD data.
Responsibility: System Administrator
IA Controls: ECWN-1, IAIA-1

SV-30824r2_rule | WIR-WMS-GD-009-04 | LOW
Title: Repeated password characters must be disallowed for the Good app.
Description: Repeated password characters reduce the strength of a password against password cracking tools, which could lead to unauthorized access to the smartphone and exposure of sensitive DoD data.
Responsibility: System Administrator
IA Controls: ECWN-1, IAIA-1

SV-30825r2_rule | WIR-WMS-GD-009-06 | MEDIUM
Title: Maximum invalid password attempts must be set as required for the smartphone security/email client.
Description: An attacker with unlimited attempts can determine the password of a smartphone within a few minutes using password cracking tools, which could lead to unauthorized access to the smartphone and exposure of sensitive DoD data.
Responsibility: System Administrator
IA Controls: ECWN-1, IAIA-1

SV-30827r2_rule | WIR-WMS-GD-009-07 | MEDIUM
Title: Data must be wiped after the maximum number of password attempts is reached for the smartphone security/email client.
Description: An attacker with unlimited attempts can determine the password of a smartphone within a few minutes using password cracking tools, which could lead to unauthorized access to the smartphone and exposure of sensitive DoD data.
Responsibility: System Administrator
IA Controls: ECWN-1, IAIA-1

SV-30826r2_rule | WIR-WMS-GD-009-05 | MEDIUM
Title: Inactivity lock must be set as required for the smartphone security/email client.
Description: Sensitive DoD data could be exposed to unauthorized viewing or use if the screen of a lost or stolen smartphone is not locked.
Responsibility: System Administrator
IA Controls: PESL-1

SV-30735r2_rule | WIR-GMMS-006-01 | MEDIUM
Title: "Do not allow data to be copied from the Good application" must be checked.
Description: Sensitive data could be saved in the non-FIPS 140-2 validated area of memory on the smartphone, which would violate DoD policy and may expose sensitive DoD data.
Responsibility: System Administrator
IA Controls: ECCR-1

SV-30738r2_rule | WIR-GMMS-008 | MEDIUM
Title: The Over-The-Air (OTA) device provisioning PIN must have an expiration set.
Description: The time period during which a device can be provisioned via Over-The-Air (OTA) provisioning must be controlled to ensure unauthorized people cannot set up rogue devices on the network.
Responsibility: System Administrator
IA Controls: ECWN-1

SV-30739r2_rule | WIR-GMMS-009 | LOW
Title: OTA provisioning PIN reuse must not be allowed.
Description: Reuse of the OTA PIN can allow an attacker to provision an unauthorized device on the system.
Responsibility: System Administrator
IA Controls: ECWN-1

SV-34963r1_rule | WIR-GMMS-AND-010-01 | LOW
Title: A compliance rule must be set up in the server defining the required smartphone hardware versions.
Description: Older devices do not support required security features.
Responsibility: System Administrator
IA Controls: ECWN-1

SV-34966r1_rule | WIR-GMMS-AND-010-03 | MEDIUM
Title: A compliance rule must be set up in the server implementing jailbreak or rooting detection on smartphones.
Description: DoD-required security policies can be bypassed on jailbroken and rooted smartphones. Jailbroken and rooted devices can expose sensitive DoD data to unauthorized people and could lead to a network attack.
Responsibility: System Administrator
IA Controls: ECWN-1

SV-30830r1_rule | WIR-GMMS-007 | LOW
Title: If the smartphone is allowed access to the Good app contacts list, the contact information exposed must be limited.
Description: Sensitive contact information could be exposed.
Responsibility: System Administrator
IA Controls: ECWN-1

SV-30832r2_rule | WIR-GMMS-001 | MEDIUM
Title: Password access to the Good app on the smartphone must be enabled.
Description: An attacker could gain access to sensitive data in the smartphone application, and gain an attack vector into the enclave, if the password access control/authentication feature of the application is not enabled.
Responsibility: System Administrator
IA Controls: ECWN-1, IAIA-1

SV-32013r2_rule | WIR-WMS-GD-010 | LOW
Title: The PKI digital certificate installed on the wireless email management server must be a DoD PKI-issued certificate.
Description: When a self-signed PKI certificate is used, a rogue wireless email management server can impersonate the DoD wireless email management server. DoDI 8520.02 requires that PKI certificates come from a trusted DoD PKI.
Responsibility: System Administrator
IA Controls: IATS-1

SV-32817r3_rule | WIR-WMS-GD-009-08 | MEDIUM
Title: Password complexity must be set as required.
Description: Non-complex passwords can be easily determined by password cracking tools, which could lead to unauthorized access to the smartphone and exposure of sensitive DoD data.
Responsibility: System Administrator
IA Controls: ECWN-1, IAIA-1

SV-32858r2_rule | WIR-GMMS-012 | MEDIUM
Title: S/MIME must be enabled on the Good server.
Description: Sensitive DoD data could be exposed if the required setting is not configured on the Good server. If S/MIME support is not configured on the server, the user will not be able to view critical encrypted email or to encrypt email containing sensitive DoD information.
Responsibility: System Administrator
IA Controls: ECCR-1

SV-33567r1_rule | WIR-GMMS-002 | MEDIUM
Title: Either CAC or password authentication must be enabled for user access to the Good app on the smartphone.
Description: Sensitive DoD data is stored inside the Good app and could be exposed if strong authentication is not implemented. An attacker with access to the smartphone could easily gain access to the Good application if the required authentication control is not set.
Responsibility: System Administrator
IA Controls: IAIA-1

SV-33569r1_rule | WIR-GMMS-003 | MEDIUM
Title: "Require CAC to be present" must be set.
Description: Sensitive DoD data is stored inside the Good app and could be exposed if strong authentication is not implemented. An attacker with access to the smartphone could easily gain access to the Good application if the required authentication control is not set.
Responsibility: System Administrator
IA Controls: IAIA-1

SV-33584r1_rule | WIR-WMS-GD-009-09 | MEDIUM
Title: "Require both letters and numbers" must be set as required for the smartphone security/email client.
Description: Sensitive DoD data is stored inside the Good app and could be exposed if strong authentication is not implemented.
Responsibility: System Administrator

SV-33579r1_rule | WIR-WMS-GD-009-10 | MEDIUM
Title: "Do not allow sequential numbers" must be set as required for the smartphone security/email client.
Description: Sensitive DoD data is stored inside the Good app and could be exposed if strong authentication is not implemented.
Responsibility: System Administrator
IA Controls: IAIA-1

SV-33591r1_rule | WIR-WMS-GD-011 | HIGH
Title: Authentication on system administration accounts for wireless management servers must be configured.
Description: CTO 07-15 Rev1 requires that administrator accounts use either CAC authentication or complex passwords to ensure strong access control is enforced.
Responsibility: System Administrator
IA Controls: IAIA-1, IATS-1

SV-34968r1_rule | WIR-GMMS-AND-010-04 | LOW
Title: A compliance rule must be set up on the server defining the required Good client versions.
Description: Older software versions do not support required security features.
Responsibility: System Administrator
IA Controls: ECWN-1

SV-33972r1_rule | WIR-GMMS-006-02 | MEDIUM
Title: "Do not allow data to be copied into the Good application" must be checked in the Good security policy for the handheld.
Description: Malware could be copied into the secure Good sandbox on the smartphone, which would put sensitive data at risk of compromise.
Responsibility: System Administrator
IA Controls: ECCR-1
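The password rules WIR-WMS-GD-009-02 through 009-10 (password history, minimum length, no repeated characters, maximum invalid attempts with wipe, letters and numbers, no sequential numbers) together describe one client-side password gate. The following is an added illustrative model of that gate in Python; it is not code from the STIG or from the Good Mobility Suite, and the Good server enforces these settings through its own policy UI, not through this code. The thresholds (MIN_LENGTH, HISTORY_DEPTH, MAX_ATTEMPTS, SEQUENCE_LEN) and the readings of "repeated" (a character immediately repeated) and "sequential" (three or more adjacent digits stepping by one) are assumptions; take the required values from the STIG check text.

```python
"""Model of the Good client password gate described by the WIR-WMS-GD-009-* rules.

Added illustrative code, not part of the STIG or of the Good Mobility Suite.
All thresholds below are assumptions for illustration only.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass, field

MIN_LENGTH = 8        # assumed value for WIR-WMS-GD-009-03
HISTORY_DEPTH = 10    # assumed number of previous passwords remembered (009-02)
MAX_ATTEMPTS = 10     # assumed invalid-attempt limit before wipe (009-06 / 009-07)
SEQUENCE_LEN = 3      # assumed: "123" or "321" counts as a sequential run (009-10)


def _hash(password: str, salt: bytes) -> bytes:
    # PBKDF2 so the stored current password and history are never plaintext.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def has_repeated_chars(pw: str) -> bool:
    """True if any character is immediately repeated, e.g. 'aa' (009-04)."""
    return any(a == b for a, b in zip(pw, pw[1:]))


def has_sequential_digits(pw: str, run: int = SEQUENCE_LEN) -> bool:
    """True if `run` adjacent digits ascend or descend by one, e.g. '456' or '987' (009-10)."""
    for i in range(len(pw) - run + 1):
        window = pw[i:i + run]
        if not window.isdigit():
            continue
        steps = {ord(b) - ord(a) for a, b in zip(window, window[1:])}
        if steps == {1} or steps == {-1}:
            return True
    return False


def policy_violations(pw: str, history: list) -> list:
    """Return the names of the rules `pw` violates; an empty list means compliant."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("min-length")
    if not (any(c.isalpha() for c in pw) and any(c.isdigit() for c in pw)):
        problems.append("letters-and-numbers")          # 009-09
    if has_repeated_chars(pw):
        problems.append("repeated-chars")
    if has_sequential_digits(pw):
        problems.append("sequential-numbers")
    # history holds (salt, digest) pairs; compare in constant time.
    if any(hmac.compare_digest(_hash(pw, salt), digest) for salt, digest in history):
        problems.append("reuse")                        # 009-02
    return problems


@dataclass
class GoodClientLock:
    """Counts failed unlocks and wipes the container at MAX_ATTEMPTS (009-06 / 009-07)."""
    salt: bytes
    digest: bytes
    failures: int = 0
    wiped: bool = False
    history: list = field(default_factory=list)

    @classmethod
    def enroll(cls, password: str) -> "GoodClientLock":
        bad = policy_violations(password, [])
        if bad:
            raise ValueError(f"password rejected: {bad}")
        salt = os.urandom(16)
        digest = _hash(password, salt)
        return cls(salt=salt, digest=digest, history=[(salt, digest)])

    def unlock(self, attempt: str) -> str:
        """Returns 'unlocked', 'locked' (wrong password) or 'wiped'."""
        if self.wiped:
            return "wiped"
        if hmac.compare_digest(_hash(attempt, self.salt), self.digest):
            self.failures = 0
            return "unlocked"
        self.failures += 1
        if self.failures >= MAX_ATTEMPTS:
            self.wiped = True       # data wiped after the maximum attempts is reached
            return "wiped"
        return "locked"

    def change_password(self, new: str) -> list:
        """Apply the policy, including history reuse; returns the violations (empty on success)."""
        bad = policy_violations(new, self.history)
        if bad:
            return bad
        salt = os.urandom(16)
        digest = _hash(new, salt)
        self.salt, self.digest = salt, digest
        self.history.append((salt, digest))
        self.history = self.history[-HISTORY_DEPTH:]
        return []
```

The lockout counter only resets on a successful unlock, so a string of wrong guesses interleaved with nothing else still reaches the wipe threshold, which is the behaviour 009-06 and 009-07 ask the client to enforce.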