Google Android 15 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.

An XCCDF Rule

Description

<VulnDiscussion>Data on mobile devices is protected by numerous mechanisms, including user authentication, access control, and cryptography. When the data is backed up to an external system (either locally connected or cloud based), many if not all of these mechanisms are no longer present. This leaves the backed-up data vulnerable to attack. Disabling backup to external systems mitigates this risk. SFRID: FMT_SMF.1.1 #40</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-267540r1031805_rule
Severity: Medium
References: CCI-001090
Updated: 16 days ago

Configure the Google Android 15 device to disable backup to locally connected systems.

On the EMM console:

COBO and COPE:
1. Open "Device owner management".
2. Toggle "Enable backup service" to "OFF".

Google Android 15 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.

Description

Remediation - Manual Procedure