Google Android 12 COPE Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
PP-MDF-990000
Group -
Google Android 12 Work Profile must be configured to disable the autofill services.
The autofill services allow the user to complete text inputs that could contain sensitive information, such as personally identifiable information (PII), without previous knowledge of the informati...Rule Medium Severity -
PP-MDF-990000
Group -
Google Android 12 must be configured to disallow configuration of date and time.
Determining the correct time a particular application event occurred on a system is critical when conducting forensic analysis and investigating system events. Periodically synchronizing interna...Rule Medium Severity -
PP-MDF-990000
Group -
PP-MDF-990000
Group -
Google Android 12 must be configured to disable all data signaling over [assignment: list of externally accessible hardware ports (for example, USB)].
If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses unacceptable risk to DoD information systems. An adversary could exploi...Rule Medium Severity -
PP-MDF-990000
Group -
Google Android 12 must be configured to enable audit logging.
Audit logs enable monitoring of security-relevant events and subsequent forensics when breaches occur. To be useful, Administrators must have the ability to view the audit logs. SFR ID: FMT_SMF_EX...Rule Medium Severity -
Google Android 12 must be configured to enforce a minimum password length of six characters.
Password strength is a measure of the effectiveness of a password in resisting guessing and brute force attacks. The ability to crack a password is a function of how many attempts an adversary is p...Rule Medium Severity -
Google Android 12 must be configured to lock the display after 15 minutes (or less) of inactivity.
The screen lock timeout must be set to a value that helps protect the device from unauthorized access. Having a too-long timeout would increase the window of opportunity for adversaries who gain ph...Rule Medium Severity -
Google Android 12 must be configured to not display the following (work profile) notifications when the device is locked: [selection: a. email notifications b. calendar appointments c. contact associated with phone call notification d. text message notification e. other application-based notifications f. all notifications].
Many mobile devices display notifications on the lock screen so that users can obtain relevant information in a timely manner without having to frequently unlock the phone to determine if there are...Rule Medium Severity -
Google Android 12 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.
Data on mobile devices is protected by numerous mechanisms, including user authentication, access control, and cryptography. When the data is backed up to an external system (either locally connect...Rule Medium Severity -
Google Android 12 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].
App data sharing gives apps the ability to access the data of other apps for enhanced user functionality. However, sharing also poses a significant risk that unauthorized users or apps will obtain ...Rule Medium Severity -
Google Android 12 must be configured to disable ad hoc wireless client-to-client connection capability.
Ad hoc wireless client-to-client connections allow mobile devices to communicate with each other directly, circumventing network security policies and making the traffic invisible. This could allow...Rule Medium Severity -
Google Android 12 work profile must be configured to enforce the system application disable list.
The system application disable list controls user access to/execution of all core and preinstalled applications. Core application: Any application integrated into Google Android 12 by Google. ...Rule Medium Severity -
Google Android 12 work profile must be configured to disable automatic completion of work space Internet browser text input.
The autofill functionality in the web browser allows the user to complete a form that contains sensitive information, such as personally identifiable information (PII), without previous knowledge o...Rule Medium Severity -
Android 12 devices must have the latest available Google Android 12 operating system installed.
Required security features are not available in earlier operating system versions. In addition, there may be known vulnerabilities in earlier versions. SFR ID: FMT_SMF_EXT.1.1 #47Rule High Severity -
Android 12 devices must be configured to disable the use of third-party keyboards.
Many third-party keyboard applications are known to contain malware. SFR ID: FMT_SMF_EXT.1.1 #47Rule Low Severity -
Google Android 12 must allow only the administrator (EMM) to install/remove DoD root and intermediate PKI certificates.
DoD root and intermediate PKI certificates are used to verify the authenticity of PKI certificates of users and web services. If the user is allowed to remove root and intermediate certificates, th...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.