STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to STIGs

Google Android 13 MDFPP 3.3 BYOAD Security Technical Implementation Guide

Version

V1R1

Benchmark ID

Google_Android_13_MDF_PP_3-3_BYOAD_STIG

Total Checks

14

Tags

mobile
CAT I: 3CAT II: 10CAT III: 1

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKLExport CSVExport JSON

Checks (14)

V-258461MEDIUMThe EMM system supporting the Google Android 13 BYOAD must be configured for autonomous monitoring, compliance, and validation to ensure security/configuration settings of mobile devices do not deviate from the approved configuration baseline.V-258462MEDIUMThe EMM system supporting the Google Android 13 BYOAD must be configured to initiate autonomous monitoring, compliance, and validation prior to granting the Google Android 13 BYOAD access to DOD information and IT resources.V-258463MEDIUMThe EMM system supporting the Google Android 13 BYOAD must be configured to detect if the Google Android 13 BYOAD native security controls are disabled.V-258464MEDIUMThe EMM system supporting the Google Android 13 BYOAD must be configured to detect if known malicious applications, blocked, or prohibited applications are installed on the Google Android 13 BYOAD (DOD-managed segment only).V-258465MEDIUMThe EMM detection/monitoring system must use continuous monitoring of enrolled Google Android 13 BYOAD.V-258466MEDIUMThe Google Android 13 BYOAD must be configured to either disable access to DOD data and IT systems and user accounts or wipe the work profile if the EMM system detects native security controls are disabled.V-258467MEDIUMThe Google Android 13 BYOAD must be configured to either disable access to DOD data and IT systems and user accounts or wipe the work profile if the EMM system detects the Google Android 13 BYOAD device has known malicious, blocked, or prohibited applications, or configured to access nonapproved third-party applications stores in the work profile.V-258468MEDIUMThe Google Android 13 BYOAD must be configured so that the work profile is removed if the device is no longer receiving security or software updates.V-258469HIGHThe Google Android 13 BYOAD and DOD enterprise must be configured to limit access to only AO-approved, corporate-owned enterprise IT resources.V-258470HIGHThe EMM system supporting the Google Android 13 BYOAD must be NIAP validated (included on the NIAP list of compliant products or products in evaluation) unless the DOD CIO has granted an Approved Exception to Policy (E2P).V-258471LOWThe User Agreement must include a description of what personal data and information is being monitored, collected, or managed by the EMM system or deployed agents or tools.V-258472MEDIUMThe DOD Mobile Service Provider must not allow Google Android 13 BYOADs in facilities where personally owned mobile devices are prohibited.V-258473MEDIUMThe Google Android 13 BYOAD must be configured to disable device cameras and/or microphones when brought into DOD facilities where mobile phone cameras and/or microphones are prohibited.V-258474HIGHThe mobile device used for BYOAD must be NIAP validated.