OpenControls Logo

STIG Viewer

Google Android 14 must be provisioned as a BYOAD device (Android work profile for employee-owned devices [BYOD]).

Overview

Finding IDVersionRule IDIA ControlsSeverity
V-260165GOOG-14-710300SV-260165r948700_ruleCCI-000366medium
Description
The Android work profile for employee-owned devices (BYOD) is the designated application group for the BYOAD use case. SFR ID: FMT_SMF_EXT.1.1 #47
STIGDate
Google Android 14 MDFPP 3.3 BYOAD Security Technical Implementation Guide2024-02-20

Related Frameworks

4 paths across 3 frameworks
NIST 800-531 mapping
CM-6
1.00
  • DISA · 1 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.4.1
1.00
  • DISA · 1 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.4.2
1.00
  • DISA · 1 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000366
1.00
  • DISA · 1 · disa_xccdf · related

Details

Check Text (C-260165r948700_chk)

Review that managed Google Android 14 is configured for BYOD (work profile for employee-owned devices [BYOD]). This procedure is performed on both the EMM Administrator console and the managed Google Android 14 device. On the EMM console, configure the default enrollment as work profile for employee-owned devices (BYOD). On the managed Google Android 14 device: 1. Go to the application drawer. 2. Ensure a Personal tab and a Work tab are present. If on the EMM console, the default enrollment is not set for BYOD (work profile for employee-owned devices [BYOD]), or if on the managed Android 14 device, the user does not have a Work tab, this is a finding.

Fix Text (F-63803r948699_fix)

Configure the Google Android 14 device for BYOD (work profile for employee-owned devices [BYOD]). On the EMM console, configure the default enrollment as work profile for employee-owned devices (BYOD). Refer to the EMM documentation to determine how to configure the device.