Free DISA STIG and SRG Library | Vaulted

V-98973

Google Android 10 must be provisioned as a fully managed device and configured to create a work profile.

Finding ID
GOOG-10-009600
Rule ID
SV-108077r1_rule
Severity
Cat II
CCE
(None)
Group Title
PP-MDF-991000
CCI
CCI-000366
Target Key
(None)
Documentable
No
Discussion

The Android Enterprise Work Profile is the designated application group for the COPE use case. SFR ID: FMT_SMF_EXT.1.1 #47

Fix Text

Configure Google Android 10 in a Corporate Owned Work Managed configuration. On the MDM console, configure the default enrollment as Corporate Owned Work Managed. Refer to the MDM documentation to determine how to configure the device to enroll as Corporate Owned Work Managed.

Check Content

Review that Google Android 10 is configured as Corporate Owned Work Managed. This procedure is performed on both the MDM Administrator console and the Google Android 10 device. On the MDM console, verify that the default enrollment is set to Corporate Owned Work Managed. On the Google Android 10 device, do the following: 1. Go to the application drawer. 2. Ensure a Personal tab and a Work tab are present. If on the MDM console the account the default enrollment is set to Corporate Owned Work Managed or on the Google Android 10 device the user does not see a Work tab, this is a finding.