Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-252428 | KNOX-12-210230 | SV-252428r815497_rule | Medium |
Description |
---|
Backups to remote systems (including cloud backup) can leave data vulnerable to breach on the external systems, which often offer less protection than the MOS. Where the remote backup involves a cloud-based solution, the backup capability is often used to synchronize data across multiple devices. In this case, DoD devices may synchronize DoD sensitive information to a user's personal device or other unauthorized computers that are vulnerable to breach. Disallowing remote backup mitigates this risk. SFR ID: FMT_SMF_EXT.1.1 #40 |
STIG | Date |
---|---|
Samsung Android 12 with Knox 3.x COPE Security Technical Implementation Guide | 2022-06-07 |
Check Text ( C-55884r815495_chk ) |
---|
Verify requirement KNOX-12-210220 (Disallow modify accounts) has been implemented. If "Disallow modify accounts" has not been implemented, this is a finding. |
Fix Text (F-55834r815496_fix) |
---|
Implement "Disallow modify accounts" (see requirement KNOX-12-210220) |