Microsoft Android 11 must be configured to disable trust agents. Note: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation.

An XCCDF Rule

Description

Trust agents allow a user to unlock a mobile device without entering a passcode when the mobile device is, for example, connected to a user-selected Bluetooth device or in a user-selected location. This technology would allow unauthorized users to have access to DOD sensitive data if compromised. By not permitting the use of nonpassword authentication mechanisms, users are forced to use passcodes that meet DOD passcode requirements. SFR ID: FMT_SMF_EXT.1.1 #23, FIA_UAU.5.1

ID: SV-255212r870825_rule
Version: MSFT-11-002300
Severity: Medium
References: CCI-000366 CCI-000370 CCI-000381
Updated: 11 days ago

Remediation Templates

Configure Microsoft Android 11 device to disable trust agents. 
 
On the EMM console:
1. Open "Lock screen restrictions" section.
2. Select "Personal Profile".
3. Toggle "Disable trust agents" to "On".4. Select "Work Profile".
5. Toggle "Disable trust agents" to "On".

Microsoft Android 11 must be configured to disable trust agents. Note: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation.

Description

Remediation Templates

A Manual Procedure