STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Honeywell Android 9.x COBO Security Technical Implementation Guide

V-235053

CAT II (Medium)

The Honeywell Android Pie must wipe all data upon unenrollment from MDM.

Rule ID

SV-235053r626530_rule

STIG

Honeywell Android 9.x COBO Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-000366, CCI-000370, CCI-001033

Discussion

When a mobile device is no longer going to be managed by MDM technologies, its protected/sensitive data must be sanitized because it will no longer be protected by the MDM software, so it is at much greater risk of unauthorized access and disclosure. At least one of the two options must be selected. SFR ID: FMT_SMF_EXT.2.1

Check Content

Review Honeywell Android device configuration settings to determine if the mobile device is configured to prohibit the user from unenrolling the Honeywell device from MDM management.

This validation procedure is performed only on the MDM Administration console. 

On the MDM console:
Ensure "Disallow remove managed profile" is enabled.

If the MDM console device policy is not configured to prohibit the user from unenrolling the Honeywell device from MDM management, this is a finding.

Fix Text

On the MDM console:
Enable "Disallow remove managed profile".

Prior to unenrollment, the MDM administrator should issue a factory reset to ensure all data is wiped by doing the following in the MDM console: 
Wipe data.