Skip to content
Catalogs
XCCDF
Google Android 14 BYOAD Security Technical Implementation Guide
PP-BYO-000200
The EMM system supporting the Google Android 14 BYOAD must be NIAP validated (included on the NIAP list of compliant products or products in evaluation) unless the DOD CIO has granted an Approved Exception to Policy (E2P).
The EMM system supporting the Google Android 14 BYOAD must be NIAP validated (included on the NIAP list of compliant products or products in evaluation) unless the DOD CIO has granted an Approved Exception to Policy (E2P). An XCCDF Rule
The EMM system supporting the Google Android 14 BYOAD must be NIAP validated (included on the NIAP list of compliant products or products in evaluation) unless the DOD CIO has granted an Approved Exception to Policy (E2P).
Medium Severity
<VulnDiscussion>Note: For a VMI solution, both the client and server must be NIAP compliant.
Nonapproved EMM systems may not include sufficient controls to protect work data, applications, and networks from malware or adversary attack. EMM: mobile device management (MDM), mobile application management (MAM), mobile content management (MCM), or virtual mobile infrastructure (VMI).
Components must only approve devices listed on the NIAP compliant product list or products listed in evaluation at the following links:
- https://www.niap-ccevs.org/Product/
- https://www.niap-ccevs.org/Product/PINE.cfm
Reference: DOD policy "Use of Non-Government Mobile Devices" (3.a.(2)).
SFR ID: FMT_SMF_EXT.1.1 #47</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>