Documentation - V-267543

V-267543

Google Android 15 COPE Security Technical Implementation Guide

CAT II

Title

Google Android 15 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].

Description

<VulnDiscussion>App data sharing gives apps the ability to access the data of other apps for enhanced user functionality. However, sharing also poses a significant risk that unauthorized users or apps will obtain access to DOD sensitive information. To mitigate this risk, there are data sharing restrictions, primarily from sharing data from personal (unmanaged) apps and work (managed) apps. If a user is allowed to make exceptions to the data sharing restriction policy, the user could enable unau...

Fix Text (Documentation Requirement)

Configure the Google Android 15 device to enable the access control policy that prevents [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes]. Note: All application data is inherently sandboxed and isolated from other applications. To disable copy/paste on the EMM console: COPE: 1. Open "User restrictions". 2. Open "Set user restrictions". 3. Toggle "Disallow cross profile copy/paste" to "ON".

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel