Skip to content

The Google Android 12 Work Profile must be configured to prevent users from adding personal email accounts to the work email app.

An XCCDF Rule

Description

<VulnDiscussion>If the user is able to add a personal email account (POP3, IMAP, EAS) to the work email app, it could be used to forward sensitive DoD data to unauthorized recipients. Restricting email account addition to the administrator or restricting email account addition to allowlisted accounts mitigates this vulnerability. SFR ID: FMT_SMF_EXT.1.1 #47</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-250442r802684_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Configure the Google Android 12 device to prevent users from adding personal email accounts to the work email app. 
 
On the EMM console: 

COPE: