Google Android 14 COPE Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The Google Android 14 work profile must be configured to prevent users from adding personal email accounts to the work email app.
<VulnDiscussion>If the user is able to add a personal email account (POP3, IMAP, EAS) to the work email app, it could be used to forward sens...Rule Medium Severity -
PP-MDF-993300
<GroupDescription></GroupDescription>Group -
Google Android 14 must be configured to disable trust agents.
<VulnDiscussion>Trust agents allow a user to unlock a mobile device without entering a passcode when the mobile device is, for example, conne...Rule Medium Severity -
PP-MDF-333130
<GroupDescription></GroupDescription>Group -
Google Android 14 must be configured to disable developer modes.
<VulnDiscussion>Developer modes expose features of the mobile operating system (MOS) that are not available during standard operation. An adv...Rule Medium Severity -
PP-MDF-333160
<GroupDescription></GroupDescription>Group -
Google Android 14 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device.
<VulnDiscussion>Before granting access to the system, the mobile operating system is required to display the DOD-approved system use notifica...Rule Low Severity -
PP-MDF-333170
<GroupDescription></GroupDescription>Group -
PP-MDF-333024
<GroupDescription></GroupDescription>Group -
Google Android 14 must be configured to enforce a minimum password length of six characters.
<VulnDiscussion>Password strength is a measure of the effectiveness of a password in resisting guessing and brute force attacks. The ability ...Rule Medium Severity -
PP-MDF-333025
<GroupDescription></GroupDescription>Group -
Google Android 14 must be configured to not allow passwords that include more than four repeating or sequential characters.
<VulnDiscussion>Password strength is a measure of the effectiveness of a password in resisting guessing and brute force attacks. Passwords th...Rule Medium Severity -
PP-MDF-333030
<GroupDescription></GroupDescription>Group -
Google Android 14 must be configured to lock the display after 15 minutes (or less) of inactivity.
<VulnDiscussion>The screen lock timeout must be set to a value that helps protect the device from unauthorized access. Having a too-long time...Rule Medium Severity -
PP-MDF-333040
<GroupDescription></GroupDescription>Group -
Android 14 devices must have the latest available Google Android 14 operating system installed.
<VulnDiscussion>Required security features are not available in earlier operating system versions. In addition, there may be known vulnerabil...Rule High Severity -
Google Android 14 must be configured to not allow more than 10 consecutive failed authentication attempts.
<VulnDiscussion>The more attempts an adversary has to guess a password, the more likely the adversary will enter the correct password and gai...Rule Medium Severity -
PP-MDF-333050
<GroupDescription></GroupDescription>Group -
Google Android 14 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store].
<VulnDiscussion>Forcing all applications to be installed from authorized application repositories can prevent unauthorized and malicious appl...Rule Medium Severity -
PP-MDF-333060
<GroupDescription></GroupDescription>Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.