STIGs Search Compare About

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
Compare Versions

Resources

About
VPAT
DISA STIG Library

STIGs updated 1 hour ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← Back to STIGs

Honeywell Android 13 COPE Security Technical Implementation Guide

Version

V1R1

Release Date

May 7, 2025

SCAP Benchmark ID

HW_Android_13_COPE_STIG

Total Checks

36

Tags

mobile

CAT I: 2CAT II: 30CAT III: 4

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKL Export CSV Export JSON Download STIG ZIP

Checks (36)

V-274378MEDIUMHoneywell Android 13 must be configured to enforce a minimum password length of six characters.V-274379MEDIUMHoneywell Android 13 must be configured to not allow passwords that include more than four repeating or sequential characters.V-274380MEDIUMHoneywell Android 13 must be configured to lock the display after 15 minutes (or less) of inactivity.V-274381MEDIUMHoneywell Android 13 must be configured to not allow more than 10 consecutive failed authentication attempts.V-274382MEDIUMHoneywell Android 13 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store].V-274383MEDIUMHoneywell Android 13 must be configured to enforce an application installation policy by specifying an application allowlist that restricts applications by the following characteristics: [selection: list of digital signatures, cryptographic hash values, names, application version].V-274384MEDIUMHoneywell Android 13 allowlist must be configured to not include applications with the following characteristics: - Backs up MD data to non-DOD cloud servers (including user and application access to cloud backup services); - Transmits MD diagnostic data to non-DOD servers; - Voice assistant application if available when MD is locked; - Voice dialing application if available when MD is locked; - Allows synchronization of data or applications between devices associated with user; - Payment processing; and - Allows unencrypted (or encrypted but not FIPS 140-3 validated) data sharing with other MDs, display screens (screen mirroring), or printers.V-274385MEDIUMHoneywell Android 13 must be configured to not display the following (work profile) notifications when the device is locked: [selection: a. email notifications b. calendar appointments c. contact associated with phone call notification d. text message notification e. other application-based notifications f. all notifications].V-274389MEDIUMHoneywell Android 13 must be configured to disable trust agents.V-274391MEDIUMHoneywell Android 13 must be configured to disable developer modes.V-274394LOWHoneywell Android 13 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device.V-274395MEDIUMHoneywell Android 13 must be configured to generate audit records for the following auditable events: Detected integrity violations.V-274399MEDIUMHoneywell Android 13 must be configured to disable USB mass storage mode.V-274400MEDIUMHoneywell Android 13 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.V-274401MEDIUMHoneywell Android 13 must be configured to not allow backup of [all applications, configuration data] to remote systems.V-274402MEDIUMHoneywell Android 13 must be configured to enable authentication of personal hotspot connections to the device using a preshared key.V-274404MEDIUMHoneywell Android 13 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].V-274405MEDIUMHoneywell Android 13 must be configured to disable multiuser modes.V-274409LOWHoneywell Android 13 must be configured to disable Bluetooth or configured via User-Based Enforcement (UBE) to allow Bluetooth for only Headset Profile (HSP), Hands-Free Profile (HFP), and Serial Port Profile (SPP).V-274410MEDIUMHoneywell Android 13 must be configured to disable ad hoc wireless client-to-client connection capability.V-274411HIGHAll mobile Honeywell cryptography must be configured to be in FIPS 140-3 validated mode.V-274412MEDIUMHoneywell Android 13 must allow only the administrator (EMM) to install/remove DOD root and intermediate PKI certificates.V-274413MEDIUMHoneywell Android 13 must be configured to enable audit logging.V-274414MEDIUMHoneywell Android 13 users must complete required training.V-274415MEDIUMHoneywell Android 13 must be configured to enforce that Wi-Fi Sharing is disabled.V-274416MEDIUMHoneywell Android 13 must have the DOD root and intermediate PKI certificates installed.V-274417MEDIUMThe Honeywell Android 13 work profile must be configured to prevent users from adding personal email accounts to the work email app.V-274418MEDIUMThe Honeywell Android 13 work profile must be configured to enforce the system application disable list.V-274419MEDIUMHoneywell Android 13 must be provisioned as a fully managed device and configured to create a work profile.V-274420MEDIUMThe Honeywell Android 13 work profile must be configured to disable automatic completion of workspace internet browser text input.V-274421MEDIUMThe Honeywell Android 13 work profile must be configured to disable the autofill services.V-274422MEDIUMHoneywell Android 13 must be configured to disallow configuration of date and time.V-274424HIGHAndroid 13 devices must have the latest available Honeywell Android 13 operating system installed.V-274425LOWAndroid 13 devices must be configured to disable the use of third-party keyboards.V-274426LOWAndroid 13 devices must be configured to enable Common Criteria (CC) mode.V-274427MEDIUMHoneywell Android 13 must be configured to disable all data signaling over [assignment: list of externally accessible hardware ports (for example, USB)].