The smartphone removable memory card (e.g., MicroSD) must be bound to the PDA or smartphone so it may not be read by any other PED or computer.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-28295 | WIR-MOS-AND-033-02 | SV-36013r1_rule | ECWN-1 | Medium |
| Description |
|---|
| Memory cards used to transfer files between PCs and PDAs is a migration path for the spread of malware on DoD computers and handheld devices. These risks are mitigated by the requirements listed in this check. |
| STIG | Date |
|---|---|
| Android 2.2 (Dell) Security Technical Implementation Guide | 2014-08-26 |
Details
| Check Text ( C-35150r1_chk ) |
|---|
| This check is currently Not Applicable. The SD memory card is automatically bound to the Android smartphone by the Good server when "Allow SD card encryption" is checked in the Android policy on the Good server. |
| Fix Text (F-30396r1_fix) |
|---|
| Implement required procedures to bind the media card to the smartphone. |