STIGQter: STIG Summary: Samsung Android OS 9 with Knox 3.x COPE Use Case KPE(Legacy) Deployment Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 24 Jul 2020:

Samsung Android must be configured to disable multi-user modes.

DISA Rule

SV-103975r1_rule

Vulnerability Number

V-93889

Group Title

PP-MDF-301280

Rule Version

KNOX-09-000645

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-002110 - The organization defines the information system account types that support the organizational missions/business functions.

Weight

10

Fix Recommendation

Configure Samsung Android to disable multi-user modes.

On the MDM console, in Knox MultiUser, unselect "allow multi-user mode".

Check Contents

Review configuration settings to confirm that multi-user mode has been disabled.

This procedure is performed on both the MDM Administrator console and the Samsung Android device.

On the MDM console, in Knox MultiUser, verify that "allow multi-user mode" is not selected.

On the Samsung Android device, open Settings and verify that the "User" setting is not available.

If on the MDM console "allow multi-user mode" is selected, or on the Samsung Android device the "User" setting is available, this is a finding.

Vulnerability Number

V-93889

Documentable

False

Rule Version

KNOX-09-000645

Severity Override Guidance

Review configuration settings to confirm that multi-user mode has been disabled.

This procedure is performed on both the MDM Administrator console and the Samsung Android device.

On the MDM console, in Knox MultiUser, verify that "allow multi-user mode" is not selected.

On the Samsung Android device, open Settings and verify that the "User" setting is not available.

If on the MDM console "allow multi-user mode" is selected, or on the Samsung Android device the "User" setting is available, this is a finding.

Check Content Reference

M

Target Key

3509

Comments