CylancePROTECT Mobile must be configured with the following compliance actions when insecure networks are detected for mobile devices: -Block device from network connection and insecure Wi-Fi access points. -Block access to BlackBerry Dynamics apps.

An XCCDF Rule

Description

<VulnDiscussion>When a compliance failure is detected, compliance actions must be implemented immediately to limit exposure of sensitive data and unauthorized access to the mobile device.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-257265r918379_rule
Severity: Medium
References: CCI-000366
Updated: 8 months ago

Configure the following compliance actions when insecure networks are detected:
-Block device from network connection and insecure Wi-Fi access points.
-Block access to BlackBerry Dynamics apps.

1. Log on to the BlackBerry UEM console.
2. In the management console on the menu bar, click Policies and profiles >> Compliance >> Compliance.3. Create a new compliance profile or select and edit an existing compliance profile.
4. Configure compliance actions for insecure network detection.
a. On both the iOS and Android tabs, in the BlackBerry Protect section, select the "Insecure network detected" check box.
b. Configure the behavior prompt settings: Prompt for compliance: "Immediate enforcement action".
c. In the "Enforcement action for device" drop-down list, select the following: "Untrust" (Android only).
d. In the "Enforcement action for BlackBerry Dynamics apps" drop-down list, select the following: "Do not allow BlackBerry Dynamics apps to run".
5. Configure compliance actions for insecure Wi-Fi access point detection (Android only).
a. On the Android tab in the BlackBerry Protect section, select the "Insecure Wi-Fi network detected" check box.
b. Configure the behavior prompt settings: Prompt for compliance: "Immediate enforcement action".
c. In the "Enforcement action for device" drop-down list, select the following: "Untrust".
d. In the "Enforcement action for BlackBerry Dynamics apps" drop-down list, select the following: "Do not allow BlackBerry Dynamics apps to run".
6. Click "Save".
7. Assign the profile to users.

CylancePROTECT Mobile must be configured with the following compliance actions when insecure networks are detected for mobile devices: -Block device from network connection and insecure Wi-Fi access points. -Block access to BlackBerry Dynamics apps.

Description

Remediation - Manual Procedure