OpenControls Logo

STIG Viewer

The Google Android 14 BYOAD must be configured to either disable access to DOD data and IT systems and user accounts or wipe the work profile if the EMM system detects that native security controls are disabled.

Overview

Finding IDVersionRule IDIA ControlsSeverity
V-260066GOOG-14-800800SV-260066r948403_ruleCCI-000366medium
Description
Examples of indicators that the native device security controls have been disabled include jailbroken or rooted devices. When a BYOAD is out of compliance, DOD data and apps must be removed to protect against compromise of sensitive DOD information. Note: The site should review DOD and local data retention policies before wiping the work profile of a BYOAD device. Reference: DOD policy "Use of Non-Government Mobile Devices" (3.b.(4) 3.b.(5)i). SFR ID: FMT_SMF_EXT.1.1 #47
STIGDate
Google Android 14 BYOAD Security Technical Implementation Guide2024-02-16

Related Frameworks

4 paths across 3 frameworks
NIST 800-531 mapping
CM-6
1.00
  • DISA · V1R1 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.4.1
1.00
  • DISA · V1R1 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.4.2
1.00
  • DISA · V1R1 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000366
1.00
  • DISA · V1R1 · disa_xccdf · related

Details

Check Text (C-260066r948403_chk)

Verify the EMM has been configured to either disable access to DOD data, IT systems, and user accounts on the Google Android 14 BYOAD or wipe the work profile if it has been detected that native BYOAD security controls are disabled (e.g., jailbroken/rooted). The exact procedure will depend on the EMM system used at the site. If the EMM has not been configured to either disable access to DOD data, IT systems, and user accounts on the Google Android 14 BYOAD or wipe the work profile if it has been detected that native BYOAD security controls are disabled, this is a finding.

Fix Text (F-63704r948402_fix)

Configure the EMM to either disable access to DOD data and IT systems and user accounts on the Google Android 14 BYOAD or wipe the work profile if it has been detected that native BYOAD security controls are disabled (e.g., jailbroken/rooted). The exact procedure will depend on the EMM system used at the site.