Samsung Android Work Environment must be configured to not allow backup of all applications, configuration data to remote systems (device management backup). - Disable Backup Services

An XCCDF Rule

Description

Backups to remote systems (including cloud backup) can leave data vulnerable to breach on the external systems, which often offer less protection than the MOS. Where the remote backup involves a cloud-based solution, the backup capability is often used to synchronize data across multiple devices. In this case, DoD devices may synchronize DoD sensitive information to a user's personal device or other unauthorized computers that are vulnerable to breach. Disallowing remote backup mitigates this risk. SFR ID: FMT_SMF_EXT.1.1 #40

ID: SV-230989r607691_rule
Version: KNOX-11-007300
Severity: Medium
References: CCI-002338
Updated: 15 days ago

Remediation Templates

Configure Samsung Android Work Environment to disable backup to remote systems (including commercial clouds) (device management backup).

This requirement is inherently met for COPE because data in a work profile cannot be backed up by default. 

This guidance is applicable to COBO only.

On the management tool, in the Work Environment restrictions section, set "Backup service" to "Disallow".

Samsung Android Work Environment must be configured to not allow backup of all applications, configuration data to remote systems (device management backup). - Disable Backup Services

Description

Remediation Templates

A Manual Procedure