Rule ID
SV-279244r1140682_rule
Version
V1R3
CCIs
CCI-000366
Authorizing official (AO) approval is required before the Samsung device Bluetooth radio can be enabled. All AO approvals must be documented and based on critical mission need. Use of Bluetooth may lead to the exposure of sensitive DOD information in some operational environments. SFR ID: FMT_MOF_EXT.1.2 #47
Determine if the site AO has approved the use of Samsung device Bluetooth radios. Locate a document showing AO approval. All AO approvals must be documented and based on critical mission need.
If not approved, review configuration settings on the MDM server to confirm Bluetooth has been disabled, and on the Samsung device, verify Bluetooth cannot be enabled. If approved, this requirement is not applicable.
This check procedure is performed on both the device management tool and managed Samsung device.
Note: If an organization has multiple configuration profiles, the Check procedure must be performed on the relevant configuration profiles applicable to the scope of the review.
In the management tool, verify Bluetooth is disabled ("DISALLOW_BLUETOOTH" enabled) in the configuration profile.
On the managed Samsung device, verify the Bluetooth radio is disabled and cannot be enabled:
Settings >> Connected devices >> Connection preferences >> Bluetooth
If Bluetooth has not been disabled in the device's MDM configuration profile or if Bluetooth can be enabled on the Samsung device, this is a finding.If the AO has not approved the use of the Samsung device Bluetooth radio, install a configuration profile to disable Bluetooth use. On the MDM console: In the configuration profile for the device, disable Bluetooth (enable "DISALLOW_BLUETOOTH")