2.2 Ensure 'Use location' is set to 'Disabled'

Information

Disable Location when not in use.
The recommended state for this setting is: Disabled.

Rationale:

Location allows applications such as Maps and Internet websites to gather and use data indicating the user's location. The user's location is determined using available information from cellular network data, local Wi-Fi networks, Bluetooth and GPS. If the user turns off Location Services, the user will be prompted to turn it back on again the next time any application tries to use this feature.
Disabling location reduces the capability of an attacker to determine or track the user's location via websites, locally installed applications or other means without user's consent. Thus, it should be disabled when not in use.

Note: Location is very important for tracking your lost device if the device data is not disabled. Make a judicious call and decide what works best for you or in your environment.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Follow the below steps to disable Use location:

Tap Settings Gear Icon.
Tap Location.
Toggle Use Location switch to the OFF position.

Impact:

Each time an application needs location data, the user activity would be interrupted to enable the location.
Another impact could be on finding your lost device. If the device is lost and the location is disabled, you cannot use remote locate services such as Android Device Manager.

Default Value:

By default, Location is enabled.

See Also

https://workbench.cisecurity.org/files/2466

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-19, CSCv6|13

Plugin: MDM

Control ID: ffcdee089a269ec03d2e34153e67e6b1959e2a070ee94f46b4df1b20018a097c