Samsung Android must be configured to disallow outgoing beam.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-93609 | KNOX-09-000805 | SV-103695r1_rule | Medium |
| Description |
|---|
| Outgoing beam allows transfer of data through near field communication (NFC) and Bluetooth by touching two unlocked devices together. If it were enabled, sensitive DoD data could be transmitted. SFR ID: FMT_SMF_EXT.1.1 #47 |
| STIG | Date |
|---|---|
| Samsung Android OS 9 with Knox 3.x COBO Use Case KPE(Legacy) Deployment Security Technical Implementation Guide | 2020-06-09 |
Details
| Check Text ( C-92925r1_chk ) |
|---|
| Review device configuration settings to confirm that Android beam is disabled. This procedure is performed on both the MDM Administration console and the Samsung Android device. On the MDM console, for the device, in the "Knox restrictions" group, verify that "disable android beam" is selected. On the Samsung Android device, open a picture, contact, or webpage and put it back to back with an unlocked outgoing beam-enabled device. Verify that outgoing beam cannot be started. If on the MDM console "disable android beam" is not selected, or on the Samsung Android device the user is able to successfully start outgoing beam, this is a finding. |
| Fix Text (F-99853r1_fix) |
|---|
| Configure Samsung Android to disable Android beam. On the MDM console, for the device, in the "Knox restrictions" group, select "disable android beam". |