Samsung Android Work Environment must be configured to not allow backup of all applications, configuration data to remote systems (device management backup). - Disable Backup Services
An XCCDF Rule
Description
<VulnDiscussion>Backups to remote systems (including cloud backup) can leave data vulnerable to breach on the external systems, which often offer less protection than the MOS. Where the remote backup involves a cloud-based solution, the backup capability is often used to synchronize data across multiple devices. In this case, DoD devices may synchronize DoD sensitive information to a user's personal device or other unauthorized computers that are vulnerable to breach. Disallowing remote backup mitigates this risk. SFR ID: FMT_SMF_EXT.1.1 #40</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-230989r607691_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Configure Samsung Android Work Environment to disable backup to remote systems (including commercial clouds) (device management backup).
This requirement is inherently met for COPE because data in a work profile cannot be backed up by default.
This guidance is applicable to COBO only.