Samsung Android must be configured to not allow backup of all applications and configuration data to locally connected systems.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-269047 | KNOX-15-007300 | SV-269047r1036237_rule | CCI-001090 | medium |
| Description | ||||
| Data on mobile devices is protected by numerous mechanisms, including user authentication, access control, and cryptography. When the data is backed up to an external system (either locally connected or cloud based), many if not all of these mechanisms are no longer present. This leaves the backed-up data vulnerable to attack. Disabling backup to external systems mitigates this risk. SFRID: FMT_SMF.1.1 #40 | ||||
| STIG | Date | |||
| Samsung Android OS 15 with Knox 3.x COPE Security Technical Implementation Guide | 2024-12-10 | |||
Related Frameworks
3 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
SC-4
1.00
- DISA · 1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1711 mapping
3.13.4
1.00
- DISA · 1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-001090
1.00
- DISA · 1 · disa_xccdf · related
Details
Check Text (C-269047r1036237_chk)
Verify requirement KNOX-15-007200 (disallow USB file transfer) has been implemented.
If "Disallow USB file transfer" has not been implemented, this is a finding.
Fix Text (F-72978r1036236_fix)
Ensure "USB file transfer" has been disallowed (refer to requirement KNOX-15-007200).