Google Android 15 COPE Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
PP-MDF-333250
<GroupDescription></GroupDescription>Group -
Google Android 15 must be configured to not allow backup of [all applications, configuration data] to remote systems.
<VulnDiscussion>Backups to remote systems (including cloud backup) can leave data vulnerable to breach on the external systems, which often o...Rule Medium Severity -
PP-MDF-333260
<GroupDescription></GroupDescription>Group -
Google Android 15 must be configured to enable authentication of personal hotspot connections to the device using a preshared key.
<VulnDiscussion>If no authentication is required to establish personal hotspot connections (Wi-Fi and Bluetooth), an adversary may be able to...Rule Medium Severity -
PP-MDF-333280
<GroupDescription></GroupDescription>Group -
Google Android 15 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].
<VulnDiscussion>App data sharing gives apps the ability to access the data of other apps for enhanced user functionality. However, sharing al...Rule Medium Severity -
PP-MDF-333290
<GroupDescription></GroupDescription>Group -
Google Android 15 must be configured to disable multiuser modes.
<VulnDiscussion>Multiuser mode allows multiple users to share a mobile device by providing a degree of separation between user data. To date,...Rule Medium Severity -
PP-MDF-333320
<GroupDescription></GroupDescription>Group -
Google Android 15 users must complete required training.
<VulnDiscussion>The security posture of Google devices requires the device user to configure several required policy rules on their device. U...Rule Medium Severity -
PP-MDF-993300
<GroupDescription></GroupDescription>Group -
Google Android 15 must be configured to disable Wi-Fi Sharing.
<VulnDiscussion>Wi-Fi Sharing is an optional configuration of Wi-Fi Tethering/Mobile Hotspot, which allows the device to share its Wi-Fi conn...Rule Medium Severity -
PP-MDF-993300
<GroupDescription></GroupDescription>Group -
Google Android 15 must be configured to enforce a password for Wi-Fi and Bluetooth hotspot, if approved for use by the authorizing official (AO). If not approved for use, Wi-Fi and Bluetooth hotspot must be disabled.
<VulnDiscussion>Wi-Fi and Bluetooth hotspot use may increase the risk for exposing sensitive DOD data for some use cases, therefore it should...Rule Medium Severity -
PP-MDF-993300
<GroupDescription></GroupDescription>Group -
Google Android 15 must have the DOD root and intermediate PKI certificates installed.
<VulnDiscussion>DOD root and intermediate PKI certificates are used to verify the authenticity of PKI certificates of users and web services....Rule Medium Severity -
PP-MDF-993300
<GroupDescription></GroupDescription>Group -
The Google Android 15 work profile must be configured to prevent users from adding personal email accounts to the work email app.
<VulnDiscussion>If the user is able to add a personal email account (POP3, IMAP, EAS) to the work email app, it could be used to forward sens...Rule Medium Severity -
PP-MDF-993300
<GroupDescription></GroupDescription>Group -
Android 15 devices must have the latest available Google Android 15 operating system installed.
<VulnDiscussion>Required security features are not available in earlier operating system versions. In addition, there may be known vulnerabil...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.