Rule ID
SV-283559r1190088_rule
Version
V1R1
CCIs
CCI-000366
Authorizing official (AO) approval is required before the Zebra device Bluetooth radio can be enabled. All AO approvals must be documented and based on critical mission need. Use of Bluetooth may lead to the exposure of sensitive DOD information in some operational environments. SFR ID: FMT_MOF_EXT.1.2 #47
Determine if the site AO has approved the use of Zebra device Bluetooth radios. Look for a document showing AO approval. All AO approvals must be documented and based on critical mission need.
If not approved, review configuration settings on the MDM server to confirm Bluetooth has been disabled, and on the Zebra device, verify Bluetooth cannot be enabled. If approved, this requirement is not applicable.
This check procedure is performed on both the device management tool and managed Zebra device.
In the Android management tool, verify Bluetooth is disabled ("DISALLOW_BLUETOOTH" enabled) in the configuration profile.
On the managed Zebra device, verify the Bluetooth radio is disabled and cannot be enabled:
Settings >> Connected devices >> Connection preferences >> Bluetooth
If Bluetooth has not been disabled in the device's MDM configuration profile or if Bluetooth can be enabled on the Zebra device, this is a finding.If the AO has not approved the use of the Zebra device Bluetooth radio, install a configuration profile to disable Bluetooth use. On the MDM console: In the configuration profile for the device, disable Bluetooth (enable "DISALLOW_BLUETOOTH").