STIGQter STIGQter: STIG Summary: Honeywell Android 9.x COPE Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 14 Jan 2021:

The Honeywell Mobility Edge Android Pie device must be configured to not allow backup of [all applications, configuration data] to locally connected systems.

DISA Rule

SV-235076r626527_rule

Vulnerability Number

V-235076

Group Title

PP-MDF-301220

Rule Version

HONW-09-003700

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Honeywell Android device to disable backup to locally connected systems.

NOTE: On Restrictions, the backup features for Honeywell are not in the framework.

On the MDM console:
1. Open Device Restrictions.
2. Open Restrictions settings.
3. Select "Disallow usb file transfer".

Check Contents

Review Honeywell Android device configuration settings to determine if the capability to back up to a locally connected system has been disabled.

This validation procedure is performed on both the MDM Administration console and the Android Pie device.

On the MDM console:
1. Open Device Restrictions.
2. Open Restrictions settings.
3. Ensure "Disallow usb file transfer" is selected.

On the Honeywell Android Pie device:
1. Plug USB cable into Android Pie device and connect to a non-DoD network-managed PC.
2. Go to Settings >> Connected devices >> USB.
3. Ensure "No data transfer" is selected.

If the MDM console device policy is not set to disable the capability to back up to a locally connected system or on the Honeywell Android Pie device, the device policy is not set to disable the capability to back up to a locally connected system, this is a finding.

Vulnerability Number

V-235076

Documentable

False

Rule Version

HONW-09-003700

Severity Override Guidance

Review Honeywell Android device configuration settings to determine if the capability to back up to a locally connected system has been disabled.

This validation procedure is performed on both the MDM Administration console and the Android Pie device.

On the MDM console:
1. Open Device Restrictions.
2. Open Restrictions settings.
3. Ensure "Disallow usb file transfer" is selected.

On the Honeywell Android Pie device:
1. Plug USB cable into Android Pie device and connect to a non-DoD network-managed PC.
2. Go to Settings >> Connected devices >> USB.
3. Ensure "No data transfer" is selected.

If the MDM console device policy is not set to disable the capability to back up to a locally connected system or on the Honeywell Android Pie device, the device policy is not set to disable the capability to back up to a locally connected system, this is a finding.

Check Content Reference

M

Target Key

5276

Comments