← Back to Samsung Android OS 13 with Knox 3.x COBO Security Technical Implementation Guide

V-255130

CAT II (Medium)

Samsung Android must be configured to not allow backup of all applications, configuration data to remote systems. - Disable Data Sync Framework.

Rule ID

SV-255130r959010_rule

STIG

Samsung Android OS 13 with Knox 3.x COBO Security Technical Implementation Guide

Version

V2R3

CCIs

CCI-001090

Discussion

Backups to remote systems (including cloud backup) can leave data vulnerable to breach on the external systems, which often offer less protection than the MOS. Where the remote backup involves a cloud-based solution, the backup capability is often used to synchronize data across multiple devices. In this case, DOD devices may synchronize DOD sensitive information to a user's personal device or other unauthorized computers that are vulnerable to breach. The Data Sync Framework allows apps to synchronize data between the mobile device and other web based services. This uses accounts for those services that the user has added to the mobile device. Preventing the user from adding accounts to the device mitigates this risk. SFR ID: FMT_SMF_EXT.1.1 #40

Check Content

Verify requirement KNOX-13-110230 (Disallow modify accounts) has been implemented.

If "Disallow modify accounts" has not been implemented, this is a finding.

Fix Text

Implement "Disallow modify accounts" (see requirement KNOX-13-110230).