STIGQter STIGQter: STIG Summary: Samsung Android OS 10 with Knox 3.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 20 Mar 2020:

Samsung Android Work Environment must be configured to disable the Auto Fill services.

DISA Rule

SV-109079r1_rule

Vulnerability Number

V-99975

Group Title

PP-MDF-991000

Rule Version

KNOX-10-010600

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Samsung Android Work Environment to disable autofill services.

This policy cannot be enforced on a KPE(Legacy) deployment.

On the management tool, in the Work Environment restrictions section, set "Autofill services" to "Disallow".

Check Contents

Review Samsung Android Work Environment configuration settings to determine if autofill services are disabled.

This validation procedure is performed on both the management tool Administration Console and the Samsung Android device.

This policy cannot be enforced on a KPE(Legacy) deployment.

On the management tool, in the Work Environment restrictions section, verify that "Autofill services" is set to "Disallow".

For COPE: On the Samsung Android device, do the following:
1. Open Settings >> Work profile >> More settings >> Keyboard and input.
2. Verify that "Autofill service" is not present.

For COBO: On the Samsung Android device, do the following:
1. Open Settings >> General management >> Language and input.
2. Verify that "Autofill service" is not present.

If on the management tool "Autofill services" is not set to "Disallow", or on the Samsung Android device "Autofill service" is present, this is a finding.

Vulnerability Number

V-99975

Documentable

False

Rule Version

KNOX-10-010600

Severity Override Guidance

Review Samsung Android Work Environment configuration settings to determine if autofill services are disabled.

This validation procedure is performed on both the management tool Administration Console and the Samsung Android device.

This policy cannot be enforced on a KPE(Legacy) deployment.

On the management tool, in the Work Environment restrictions section, verify that "Autofill services" is set to "Disallow".

For COPE: On the Samsung Android device, do the following:
1. Open Settings >> Work profile >> More settings >> Keyboard and input.
2. Verify that "Autofill service" is not present.

For COBO: On the Samsung Android device, do the following:
1. Open Settings >> General management >> Language and input.
2. Verify that "Autofill service" is not present.

If on the management tool "Autofill services" is not set to "Disallow", or on the Samsung Android device "Autofill service" is present, this is a finding.

Check Content Reference

M

Target Key

3613

Comments