Samsung Android OS 8 with Knox 3.x COPE Use Case Security Technical Implementation Guide

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected] This set of requirements is for the Corporate Owned Personally Enabled (COPE) use case and assumes the Authorizing Authority (AO) has approved unrestricted use of the personal space/container on Samsung devices. If the AO has not approved unrestricted use of the personal space/container on Samsung devices, additional device-wide controls should be implemented (see Section 3 of the STIG Supplemental document for more information).

Details

Version / Release: V1R4

Published: 2019-10-01

Updated At: 2019-11-11 10:48:53

Compare/View Releases

Select any two versions of this STIG to compare the individual requirements

Select any old version/release of this STIG to view the previous requirements

Actions

Download

Filter


Findings
Severity Open Not Reviewed Not Applicable Not a Finding
Overall 0 0 0 0
Low 0 0 0 0
Medium 0 0 0 0
High 0 0 0 0
Drop CKL or SCAP (XCCDF) results here.

    Vuln Rule Version CCI Severity Title Description Status Finding Details Comments
    SV-94971r1_rule KNOX-08-000300 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: CONTAINER Account whitelist. Whitelisting of authorized email accounts (POP3, IMAP, EAS) prevents a user from configuring a personal email account that could be used to forward sensitive DoD data to unauthorized recipients. SFR ID: FMT_SMF_EXT.1.1 #47
    SV-94973r1_rule KNOX-08-000400 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: CONTAINER Account blacklist. Blacklisting all email accounts is required so only whitelisted accounts can be configured. SFR ID: FMT_SMF_EXT.1.1 #47
    SV-94975r1_rule KNOX-08-000700 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Configure application disable list. Applications from various sources (including the vendor, the carrier, and Google) are installed on the device at the time of manufacture. Core apps are apps pre-installed by Google. Third-party pre-installed apps include apps from the vendor and carrier.
    SV-94977r1_rule KNOX-08-000800 CCI-000366 MEDIUM The Samsung Android 8 with Knox CONTAINER must implement the management setting: Configure CONTAINER application disable list. Applications from various sources (including the vendor, the carrier, and Google) are installed on the device at the time of manufacture. Core apps are apps pre-installed by Google. Third-party pre-installed apps include apps from the vendor and carrier.
    SV-94979r1_rule KNOX-08-001100 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Configure CONTAINER application install blacklist. Blacklisting all applications is required so only whitelisted applications can be installed on the device. Requiring all authorized applications to be in an application whitelist prevents the execution of any applications (e.g., unauthorized, malicious) t
    SV-94981r1_rule KNOX-08-001400 CCI-000366 MEDIUM Samsung Android 8 with Knox must be configured to enforce a CONTAINER application installation policy by specifying an application whitelist that restricts applications by the following characteristics: List of digital signatures, names. The application whitelist, in addition to controlling the installation of applications on the mobile device (MD), must control user access/execution of all core and pre-installed applications, or the MD must provide an alternate method of restricting user
    SV-94983r1_rule KNOX-08-002100 CCI-000366 MEDIUM The Samsung Android 8 with Knox whitelist must be configured to not include applications with the following characteristics: Transmit mobile device (MD) diagnostic data to non-DoD servers. Requiring all authorized applications to be in an application whitelist prevents the execution of any applications (e.g., unauthorized, malicious) that are not part of the whitelist. Failure to configure an application whitelist properly could allow unaut
    SV-94985r1_rule KNOX-08-002200 CCI-000366 MEDIUM The Samsung Android 8 with Knox CONTAINER whitelist must be configured to not include applications with the following characteristics: Back up mobile device (MD) data to non-DoD cloud servers (including user and application access to cloud backup services). Requiring all authorized applications to be in an application whitelist prevents the execution of any applications (e.g., unauthorized, malicious) that are not part of the whitelist. Failure to configure an application whitelist properly could allow unaut
    SV-94987r1_rule KNOX-08-002300 CCI-000366 MEDIUM The Samsung Android 8 with Knox CONTAINER whitelist must be configured to not include applications with the following characteristics: Transmit mobile device (MD) diagnostic data to non-DoD servers. Requiring all authorized applications to be in an application whitelist prevents the execution of any applications (e.g., unauthorized, malicious) that are not part of the whitelist. Failure to configure an application whitelist properly could allow unaut
    SV-94989r1_rule KNOX-08-002400 CCI-000366 MEDIUM The Samsung Android 8 with Knox CONTAINER whitelist must be configured to not include applications with the following characteristics: Voice assistant application if available when mobile device (MD) is locked. Requiring all authorized applications to be in an application whitelist prevents the execution of any applications (e.g., unauthorized, malicious) that are not part of the whitelist. Failure to configure an application whitelist properly could allow unaut
    SV-94991r1_rule KNOX-08-002500 CCI-000366 MEDIUM The Samsung Android 8 with Knox CONTAINER whitelist must be configured to not include applications with the following characteristics: Voice dialing application if available when mobile device (MD) is locked. Requiring all authorized applications to be in an application whitelist prevents the execution of any applications (e.g., unauthorized, malicious) that are not part of the whitelist. Failure to configure an application whitelist properly could allow unaut
    SV-94993r1_rule KNOX-08-002600 CCI-000366 MEDIUM The Samsung Android 8 with Knox CONTAINER whitelist must be configured to not include applications with the following characteristics: Allows synchronization of data or applications between devices associated with user. Requiring all authorized applications to be in an application whitelist prevents the execution of any applications (e.g., unauthorized, malicious) that are not part of the whitelist. Failure to configure an application whitelist properly could allow unaut
    SV-94995r1_rule KNOX-08-002700 CCI-000366 MEDIUM The Samsung Android 8 with Knox CONTAINER whitelist must be configured to not include applications with the following characteristics: Allows unencrypted (or encrypted but not FIPS 140-2 validated) data sharing with other mobile devices (MDs) or printers. Requiring all authorized applications to be in an application whitelist prevents the execution of any applications (e.g., unauthorized, malicious) that are not part of the whitelist. Failure to configure an application whitelist properly could allow unaut
    SV-94997r1_rule KNOX-08-002900 CCI-000366 MEDIUM Samsung Android 8 with Knox must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DoD-approved commercial app repository, MDM server, mobile application store]: Disable unknown sources. Forcing all applications to be installed from authorized application repositories can prevent unauthorized and malicious applications from being installed and executed on mobile devices. Allowing such installations and executions could cause a compromise
    SV-94999r1_rule KNOX-08-003200 CCI-000366 LOW Samsung Android 8 with Knox must be configured to: Add the MDM Client application to the Battery optimizations modes Whitelist. Doze and App Standby are power-saving features that extend battery life by deferring background CPU and network activity. If the MDM Client is put into Doze or App Standby mode, the MDM Administrator may not be able to administrate the mobile device (MD)
    SV-95001r1_rule KNOX-08-003300 CCI-000366 LOW Samsung Android 8 with Knox must be configured to: Add the MDM Client application to the CONTAINER Battery optimizations modes Whitelist. Doze and App Standby are power-saving features that extend battery life by deferring background CPU and network activity. If the MDM Client is put into Doze or App Standby mode, the MDM Administrator may not be able to administrate the mobile device (MD)
    SV-95003r1_rule KNOX-08-003600 CCI-000366 LOW The Samsung Android 8 with Knox CONTAINER must be configured to: Disable Bixby Vision. Bixby Vision's image and text recognition capabilities use cloud-based processing. This may leak sensitive DoD data. SFR ID: FMT_SMF_EXT.1.1 #47
    SV-95005r1_rule KNOX-08-004000 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Enable Audit Log. Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. They help identify attacks so that breaches can either be prevented or limited in their scope. They facilitate analysis to improve performance and secur
    SV-95007r1_rule KNOX-08-006600 CCI-000366 MEDIUM Samsung Android 8 with Knox must be configured to disable exceptions to the access control policy that prevents groups of application processes from accessing all data stored by other groups of application processes. App data sharing gives apps the ability to access the data of other apps for enhanced user functionality. However, sharing also poses a significant risk that unauthorized users or apps will obtain access to DoD sensitive information. To mitigate this risk
    SV-95009r1_rule KNOX-08-007000 CCI-000366 MEDIUM Samsung Android 8 with Knox must be configured to implement the management setting: Enable CONTAINER. The CONTAINER must be enabled by the Administrator/MDM or the CONTAINER's protections will not apply to the mobile device. This will cause the mobile device's apps and data to be at significantly higher risk of compromise because they are not protected by
    SV-95011r1_rule KNOX-08-007100 CCI-000366 HIGH Samsung Android 8 with Knox must use a NIAP-certified CONTAINER for work data and applications. When a DoD mobile device contains apps in the personal CONTAINER that have not been vetted by the DoD for malware or risky behaviors, the personal CONTAINER must be considered an untrusted environment. Therefore, the data separation implementation between
    SV-95013r1_rule KNOX-08-007500 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Disable sharing of notification details outside the CONTAINER when the CONTAINER is locked. Application notifications can include DoD sensitive data. If made available outside the CONTAINER, this information will be accessible to personal applications, resulting in potential compromise of DoD data. SFR ID: FMT_SMF_EXT.1.1 #47
    SV-95015r1_rule KNOX-08-008100 CCI-000366 MEDIUM Samsung Android 8 mobile device users must complete required training. The security posture of Samsung devices requires the device user to configure several required policy rules on their device. User Based Enforcement (UBE) is required for these controls. In addition, if the Authorizing Official (AO) has approved the use of
    SV-95017r1_rule KNOX-08-008200 CCI-000366 MEDIUM The Samsung DeX Station/Pad multimedia dock must not be connected directly to a DoD network. If the Samsung DeX Station/Pad multimedia dock is connected to a DoD network, the Samsung smartphone connected to the DeX Station will be connected to the DoD network as well. The Samsung smartphone most likely has a number of personal apps installed that
    SV-95019r1_rule KNOX-08-008300 CCI-000205 LOW Samsung Android 8 with Knox must be configured to enforce a minimum password length of six characters. Password strength is a measure of the effectiveness of a password in resisting guessing and brute force attacks. The ability to crack a password is a function of how many attempts an adversary is permitted, how quickly an adversary can do each attempt, an
    SV-95021r1_rule KNOX-08-008400 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Configure to enforce a minimum CONTAINER password length of four characters. Password strength is a measure of the effectiveness of a password in resisting guessing and brute-force attacks. The ability to crack a password is a function of how many attempts an adversary is permitted, how quickly an adversary can do each attempt, an
    SV-95023r1_rule KNOX-08-008600 CCI-000366 LOW Samsung Android 8 with Knox must be configured to not allow passwords that include more than two repeating or sequential characters. Password strength is a measure of the effectiveness of a password in resisting guessing and brute force attacks. Passwords that contain repeating or sequential characters are significantly easier to guess than those that do not contain repeating or sequen
    SV-95025r1_rule KNOX-08-008700 CCI-000366 LOW Samsung Android 8 with Knox must be configured to not allow CONTAINER passwords that include more than two repeating or sequential characters. Password strength is a measure of the effectiveness of a password in resisting guessing and brute force attacks. Passwords that contain repeating or sequential characters are significantly easier to guess than those that do not contain repeating or sequen
    SV-95027r2_rule KNOX-08-008800 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Configure minimum password complexity. Password strength is a measure of the effectiveness of a password in resisting guessing and brute force attacks. The ability to crack a password is a function of how many attempts an adversary is permitted, how quickly an adversary can do each attempt, an
    SV-95029r2_rule KNOX-08-008900 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Configure minimum CONTAINER password complexity. Authentication mechanisms other than a Password Authentication Factor often provide convenience to users, but many of these mechanisms have known vulnerabilities. Configuring a minimum password complexity mitigates the risk associated with a weak authenti
    SV-95031r1_rule KNOX-08-009100 CCI-000057 MEDIUM Samsung Android 8 with Knox must be configured to lock the display after 15 minutes (or less) of inactivity. The screen lock timeout must be set to a value that helps protect the device from unauthorized access. Having a too-long timeout would increase the window of opportunity for adversaries who gain physical access to the mobile device through loss, theft, et
    SV-95033r1_rule KNOX-08-009200 CCI-000366 MEDIUM Samsung Android 8 with Knox must be configured to lock the CONTAINER after 15 minutes (or less) of inactivity. The screen lock timeout must be set to a value that helps protect the device from unauthorized access. Having a too-long timeout would increase the window of opportunity for adversaries who gain physical access to the mobile device through loss, theft, et
    SV-95035r1_rule KNOX-08-009400 CCI-000044 LOW Samsung Android 8 with Knox must be configured to not allow more than 10 consecutive failed authentication attempts. The more attempts an adversary has to guess a password, the more likely the adversary will enter the correct password and gain access to resources on the device. Setting a limit on the number of attempts mitigates this risk. Setting the limit at 10 or few
    SV-95037r1_rule KNOX-08-009500 CCI-000366 LOW Samsung Android 8 with Knox must implement the management setting: Configure to prohibit more than 10 consecutive failed CONTAINER authentication attempts. The more attempts an adversary has to guess a password, the more likely the adversary will enter the correct password and gain access to resources on the device. Setting a limit on the number of attempts mitigates this risk. Setting the limit at 10 or few
    SV-95039r1_rule KNOX-08-010300 CCI-000366 MEDIUM Samsung Android 8 with Knox must be configured to disable authentication mechanisms providing user access to protected data other than a Password Authentication Factor, including biometric fingerprint, iris, face, voice, hybrid authentication factor: Disable Trust Agents. Note: This requirement is Not Applicable (NA) if the non-Password Authentication Factor mechanism is included in the products Common Criteria evaluation (fingerprint and iris scan are allowed). Trust Agents allow a user to unlock a mobile device without entering a passcode when the mobile device is, for example, connected to a user-selected Bluetooth device or in a user-selected location. This technology would allow unauthorized users to have ac
    SV-95041r1_rule KNOX-08-010500 CCI-000366 MEDIUM The Samsung Android 8 with Knox CONTAINER must be configured to disable authentication mechanisms providing user access to protected data other than a Password Authentication Factor, including biometric fingerprint, iris, face, voice, and hybrid authentication factor: Disable Trust Agents. Note: This requirement is Not Applicable (NA) if the non-Password Authentication Factor mechanism is included in the products Common Criteria evaluation (fingerprint and iris scan are allowed). Trust Agents allows a user to unlock a mobile device without entering a passcode when the mobile device is, for example, connected to a user-selected Bluetooth device or in a user-selected location. This technology would allow unauthorized users to have a
    SV-95043r1_rule KNOX-08-010800 CCI-000366 MEDIUM Samsung Android 8 with Knox must be configured to disable authentication mechanisms providing user access to protected data other than a Password Authentication Factor, including biometric fingerprint, iris, face, voice, and hybrid authentication factor: Disable Intelligent Scanning. Note: This requirement is Not Applicable (NA) if the non-Password Authentication Factor mechanism is included in the products Common Criteria evaluation (fingerprint and iris scan are allowed). The Intelligent Scanning feature allows a user's face and iris to be registered and used such that either authentication method returning a match will unlock the device. Intelligent Scanning combines the known weaknesses of iris and face scanning that co
    SV-95045r1_rule KNOX-08-011000 CCI-000366 MEDIUM Samsung Android 8 with Knox must be configured to disable authentication mechanisms providing user access to protected data other than a Password Authentication Factor, including biometric fingerprint, iris, face, voice, and hybrid authentication factor: Disable Face Recognition. Note: This requirement is Not Applicable (NA) if the non-Password Authentication Factor mechanism is included in the products Common Criteria evaluation (fingerprint and iris scan are allowed). The Face Recognition feature allows a user's face to be registered and used to unlock the device. This technology would allow unauthorized users to have access to DoD sensitive data if compromised. By not permitting the use of non-password authentication
    SV-95047r1_rule KNOX-08-012800 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Disable automatic completion of CONTAINER browser text input. The auto-fill functionality in the web browser allows the user to complete a form that contains sensitive information, such as personally identifiable information (PII), without previous knowledge of the information. By allowing the use of auto-fill funct
    SV-95049r1_rule KNOX-08-013000 CCI-000366 MEDIUM Samsung Android 8 with Knox must be configured to disable multi-user modes. Multi-user mode allows multiple users to share a mobile device by providing a degree of separation between user data. To date, no mobile device with multi-user mode features meets DoD requirements for access control, data separation, and non-repudiation f
    SV-95051r1_rule KNOX-08-013200 CCI-000381 LOW Samsung Android 8 with Knox must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled: Disable Google Crash Report. Many software systems automatically send diagnostic data to the manufacturer or a third party. This data enables the developers to understand real-world field behavior and improve the product based on that information. Unfortunately, it can also reveal in
    SV-95053r1_rule KNOX-08-013300 CCI-000381 LOW Samsung Android 8 with Knox must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled: Disable Report Diagnostic Info. Many software systems automatically send diagnostic data to the manufacturer or a third party. This data enables the developers to understand real-world field behavior and improve the product based on that information. Unfortunately, it can also reveal in
    SV-95055r1_rule KNOX-08-013400 CCI-000381 LOW The Samsung Android 8 with Knox CONTAINER must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled: Disable Google Crash Report. Many software systems automatically send diagnostic data to the manufacturer or a third party. This data enables the developers to understand real-world field behavior and improve the product based on that information. Unfortunately, it can also reveal in
    SV-95057r1_rule KNOX-08-013500 CCI-000381 LOW Samsung Android 8 with Knox must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled: Disable Google Usage and diagnostics. Many software systems automatically send diagnostic data to the manufacturer or a third party. This data enables the developers to understand real-world field behavior and improve the product based on that information. Unfortunately, it can also reveal in
    SV-95059r1_rule KNOX-08-013700 CCI-000381 LOW The Samsung Android 8 with Knox CONTAINER must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled: Disable Google Usage and diagnostics. Many software systems automatically send diagnostic data to the manufacturer or a third party. This data enables the developers to understand real-world field behavior and improve the product based on that information. Unfortunately, it can also reveal in
    SV-95061r1_rule KNOX-08-013900 CCI-000366 LOW Samsung Android 8 with Knox must be configured to disable all Bluetooth profiles except for HSP (Headset Profile), HFP (HandsFree Profile), and SPP (Serial Port Profile). Some Bluetooth profiles provide the capability for remote transfer of sensitive DoD data without encryption or otherwise do not meet DoD IT security policies and therefore should be disabled. SFR ID: FMT_SMF_EXT.1.1 #18h
    SV-95063r1_rule KNOX-08-014100 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Disable Allow New Admin Install. An application with Administrator permissions (e.g., MDM agent) is allowed to configure policies on the device. If a user is allowed to install another MDM agent on the device, this will allow another MDM Administrator (assuming it has the proper Knox lic
    SV-95065r1_rule KNOX-08-014200 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Disable Admin Remove. DoD policy requires DoD mobile devices to be managed via a mobile device management service. If Admin Remove is not disabled, the mobile device user can remove the Administrator (MDM) from the device. SFR ID: FMT_SMF_EXT.1.1 #47
    SV-95067r1_rule KNOX-08-014300 CCI-000366 MEDIUM The Samsung Android 8 with Knox CONTAINER must implement the management setting: Disable Allow New Admin Install. An application with Administrator permissions (e.g., MDM agent) is allowed to configure policies on the device. If a user is allowed to install another MDM agent on the device, this will allow another MDM Administrator (assuming it has the proper Knox lic
    SV-95069r1_rule KNOX-08-014800 CCI-000366 MEDIUM The Samsung Android 8 with Knox CONTAINER must implement the management setting: Disable S Voice. On Samsung Android 8 with Knox device CONTAINERs, users may be able to access the device's contact database or calendar to obtain phone numbers and other information using a human voice even when the mobile device is locked. Often this information is pers
    SV-95071r1_rule KNOX-08-015000 CCI-000381 MEDIUM Samsung Android 8 with Knox must be configured to disable USB mass storage mode. USB mass storage mode enables the transfer of data and software from one device to another. This software can include malware. When USB mass storage is enabled on a mobile device, it becomes a potential vector for malware and unauthorized data exfiltratio
    SV-95073r2_rule KNOX-08-015300 CCI-000366 HIGH Samsung Android 8 with Knox must implement the management setting: Enable CC mode. CC mode implements several security controls required by the Mobile Device Functional Protection Profile (MDFPP). If CC mode is not implemented, DoD data is more at risk of being compromised, and the mobile device is more at risk of being compromised if l
    SV-95075r1_rule KNOX-08-015500 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Disable Manual Date Time Changes. Determining the correct time a particular application event occurred on a system is critical when conducting forensic analysis and investigating system events. Periodically synchronizing internal clocks with an authoritative time source is needed in ord
    SV-95077r1_rule KNOX-08-015700 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: USB host mode whitelist. The USB host mode feature allows select USB devices to connect to the device (e.g., USB flash drives, USB mouse, USB keyboard) using a micro USB to USB adapter cable. A user can copy sensitive DoD information to external USB storage unencrypted, resulting
    SV-95079r1_rule KNOX-08-015955 CCI-000366 MEDIUM The Samsung Android 8 with Knox CONTAINER must implement the management setting: Configure disable Share Via List. The "Share Via List" feature allows the transfer of data between nearby Samsung devices via Android Beam, Wi-Fi Direct, Link Sharing, and Share to Device. If sharing were enabled, sensitive DoD data could be compromised. SFR ID: FMT_SMF_EXT.1.1 #47
    SV-95081r1_rule KNOX-08-016600 CCI-000366 LOW The Samsung Android 8 with Knox CONTAINER must be configured to: Disable upload of DoD contact information. Caller ID and spam protection apps let a user know who is calling even when the number is not on the user's contact list by using an online service to do the lookup. Users can also upload their and their contacts' names and numbers into an online service.
    SV-95083r1_rule KNOX-08-016800 CCI-000366 MEDIUM Samsung Android 8 with Knox for Android must implement the management setting: Disable Samsung Wi-Fi Sharing. Wi-Fi Tethering allows a device to act as an Access Point, sharing its data connection with other wirelessly connected devices. Previously the device could only share its mobile (cellular) data connection. On the Device menus, this is referred to as "Mobi
    SV-95085r1_rule KNOX-08-017200 CCI-002338 MEDIUM The Samsung Android 8 with Knox CONTAINER must be configured to not allow backup of [all applications, configuration data] to remote systems: Disable Allow Google Accounts Auto Sync. Backups to remote systems (including cloud backup) can leave data vulnerable to breach on the external systems, which often offer less protection than the Samsung Android 8 with Knox CONTAINER. Where the remote backup involves a cloud-based solution, the
    SV-95087r1_rule KNOX-08-017300 CCI-000097 MEDIUM Samsung Android 8 with Knox must be configured to not allow backup of [all applications, configuration data] to locally connected systems. Data on mobile devices is protected by numerous mechanisms, including user authentication, access control, and cryptography. When the data is backed up to an external system (either locally connected or cloud based), many if not all of these mechanisms ar
    SV-95089r1_rule KNOX-08-017400 CCI-002338 MEDIUM Samsung Android 8 with Knox must be configured to not allow backup of [all applications, configuration data] to remote systems: Deselect Allow Google Backup. Backups to remote systems (including cloud backup) can leave data vulnerable to breach on the external systems, which often offer less protection than the Samsung Android 8 with Knox. Where the remote backup involves a cloud-based solution, the backup cap
    SV-95091r1_rule KNOX-08-017900 CCI-000381 MEDIUM Samsung Android 8 with Knox must be configured to disable developer modes. Developer modes expose features of the Samsung Android 8 with Knox that are not available during standard operation. An adversary may leverage a vulnerability inherent in a developer mode to compromise the confidentiality, integrity, and availability of D
    SV-95093r1_rule KNOX-08-018100 CCI-002314 MEDIUM Samsung Android 8 with Knox must be configured to enable authentication of personal hotspot connections to the device using a pre-shared key. If no authentication is required to establish personal hotspot connections, an adversary may be able to use that device to perform attacks on other devices or networks without detection. A sophisticated adversary may also be able to exploit unknown system
    SV-95095r1_rule KNOX-08-018450 CCI-000366 HIGH The Samsung Android 8 with Knox device must have the latest available Samsung Android operating system (OS) installed. Required security features are not available in earlier OS versions. In addition, there may be known vulnerabilities in earlier versions. SFR ID: FMT_SMF_EXT.1.1 #47
    SV-95097r1_rule KNOX-08-018500 CCI-001199 HIGH Samsung Android 8 with Knox must be configured to enable encryption for information at rest on removable storage media or alternately, the use of removable storage media must be disabled. Samsung Android 8 with Knox must ensure the data being written to the mobile device's removable media is protected from unauthorized access. If data at rest is unencrypted, it is vulnerable to disclosure. Even if the operating system enforces permissions
    SV-95099r1_rule KNOX-08-019100 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Enable Certificate Revocation Status (CRL) Check. A CRL allows a certificate issuer to revoke a certificate for any reason, including improperly issued certificates and compromise of the private keys. Checking the revocation status of the certificate mitigates the risk associated with using a compromised
    SV-95101r1_rule KNOX-08-019200 CCI-000366 MEDIUM The Samsung Android 8 with Knox CONTAINER must implement the management setting: Enable Certificate Revocation Status (CRL) Check. A CRL allows a certificate issuer to revoke a certificate for any reason, including improperly issued certificates and compromise of the private keys. Checking the revocation status of the certificate mitigates the risk associated with using a compromised
    SV-95103r1_rule KNOX-08-019400 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Install DoD root and intermediate PKI certificates on the device. DoD root and intermediate PKI certificates are used to verify the authenticity of PKI certificates of users and web services. If the root and intermediate certificates are not available, an adversary could falsely sign a certificate in such a way that it
    SV-95105r1_rule KNOX-08-019500 CCI-000366 MEDIUM The Samsung Android 8 with Knox CONTAINER must implement the management setting: Install DoD root and intermediate PKI certificates on the device. DoD root and intermediate PKI certificates are used to verify the authenticity of PKI certificates of users and web services. If the root and intermediate certificates are not available, an adversary could falsely sign a certificate in such a way that it
    SV-95107r1_rule KNOX-08-020400 CCI-000048 LOW Samsung Android 8 with Knox must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device. The Samsung Android 8 with Knox is required to display the DoD-approved system use notification message or banner before granting access to the system that provides privacy and security notices consistent with applicable federal laws, Executive Orders, di
    SV-95109r1_rule KNOX-08-021800 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Disable Move Files from CONTAINER to Personal. Allowing movement of files between the CONTAINER and personal side will result in both personal data and sensitive DoD data being placed in the same space. This can potentially result in DoD data being transmitted to unauthorized recipients via personal e
    SV-95111r1_rule KNOX-08-022000 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Disable sharing of calendar information outside the CONTAINER. Calendar events can include potentially DoD sensitive data such as names, contacts, dates and times, and locations. If made available outside the CONTAINER, this information will be accessible to personal applications, resulting in potential compromise of
    SV-95113r1_rule KNOX-08-022200 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Disable sharing of clipboard information outside the CONTAINER. The CONTAINER clipboard can include potentially DoD sensitive data such as names, contacts, dates and times, and locations. If made available outside the CONTAINER, this information will be accessible to personal applications, resulting in potential compr
    SV-95115r1_rule KNOX-08-022400 CCI-000366 MEDIUM Samsung Android 8 with Knox must be configured to disable sharing of contact information outside the CONTAINER. Contacts can include DoD sensitive data and personally identifiable information (PII) of DoD employees, including names, numbers, addresses, and email addresses. If made available outside the CONTAINER, this information will be accessible to personal appl
    SV-95117r1_rule KNOX-08-022600 CCI-000366 MEDIUM Samsung Android 8 with Knox must implement the management setting: Disable Move Applications to CONTAINER. Applications determined to be acceptable for personal use outside the CONTAINER might not be acceptable for use within the CONTAINER. The Move Applications to CONTAINER feature allows users to install personal side applications into the CONTAINER, resulti
    SV-95119r1_rule KNOX-08-023000 CCI-000068 MEDIUM The Samsung Android 8 with Knox VPN client must be configured in one of the following configurations: 1. Disabled; 2. Configured for CONTAINER use only; or 3. Configured for per app use for the personal side. The device VPN must be configured to disable access from the personal space/CONTAINER since it is considered an untrusted environment. Therefore, apps located in the personal CONTAINER on the device should not have the ability to access a DoD network. In
    SV-95121r1_rule KNOX-08-023100 CCI-000068 MEDIUM The Samsung Android 8 with Knox VPN client must be configured in one of the following configurations: 1. Disabled; 2. Configured for CONTAINER use only; or 3. Configured for per app use for the personal side. The device VPN must be configured to disable access from the personal space/CONTAINER since it is considered an untrusted environment. Therefore, apps located in the personal space on the device should not have the ability to access a DoD network. In addi
    SV-95123r1_rule KNOX-08-023200 CCI-000068 MEDIUM The Samsung Android 8 with Knox VPN client must be configured in one of the following configurations: 1. Disabled; 2. Configured for CONTAINER use only; or 3. Configured for per app use for the personal side. The device VPN must be configured to disable access from the personal space/CONTAINER since it is considered an untrusted environment. Therefore, apps located in the personal space on the device should not have the ability to access a DoD network. In addi
    SV-95125r1_rule KNOX-08-023300 CCI-000068 MEDIUM If a third-party VPN client is installed in the personal space, it must not be configured with a DoD network (work) VPN profile. The device VPN must be configured to disable access from the personal space since it is considered an untrusted environment. Therefore, apps located in the personal space on the device should not have the ability to access a DoD network. In addition, smar