Rule ID
SV-272498r1098796_rule
Version
V1R2
CCIs
CCI-000366
DOD policy requires BYOAD devices with DOD data be managed by a DOD MDM server, MAM server, or VMI system. This ensures the device can be monitored for compliance with the approved security baseline and the work profile can be removed when the device is out of compliance, which protects DOD data from unauthorized exposure. Examples of possible EMM security controls are as follows: 1. Device access restrictions: Restrict or isolate access based on the device access type (i.e., from the internet), authentication type (e.g., password), credential strength, etc. 2. User and device activity monitoring: Configured to detect anomalous activity, malicious activity, and unauthorized attempts to access DOD information. 3. Device health tracking: Monitor device attestation, health, and agents reporting compromised applications, connections, intrusions, and/or signatures. Reference: DOD policy "Use of Non-Government Mobile Devices" (3.a.(3)ii, 3.b.(2)ii.1 & 2). SFR ID: FMT_SMF_EXT.1.1 #47
Verify the EMM system supporting the Samsung Android 15 BYOAD has been configured to conduct autonomous monitoring, compliance, and validation to ensure security/configuration settings of mobile devices do not deviate from the approved configuration baseline. The exact procedure will depend on the EMM system used at the site. If the EMM system supporting the Samsung Android 15 BYOAD has not been configured to conduct autonomous monitoring, compliance, and validation to ensure security/configuration settings of mobile devices, this is a finding.
Configure the EMM system supporting the Samsung Android 15 BYOAD to conduct autonomous monitoring, compliance, and validation to ensure security/configuration settings of mobile devices do not deviate from the approved configuration baseline. The exact procedure will depend on the EMM system used at the site.