GOOG-13-010900 - Android 13 devices must be configured to disable the use of third-party keyboards.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Many third-party keyboard applications are known to contain malware.

SFR ID: FMT_SMF_EXT.1.1 #47

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Configure the Google Android 13 device to disallow the use of third-party keyboards.

On the EMM console:

COBO and COPE:

1. Open 'Input methods'.
2. Tap 'Set input methods'.
3. Select only the approved keyboard.

Additionally, Admins can configure application allowlists for Google Play that do not have any third-party keyboards for user installation.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Google_Android_13_V1R1_STIG.zip

Item Details

References: CAT|III, CCI|CCI-000366, Rule-ID|SV-254759r862476_rule, STIG-ID|GOOG-13-010900, Vuln-ID|V-254759

Plugin: MDM

Control ID: 8d0983d1e5deea634724b276d58c64072cf8a71c293b6887455e1e89ed89f81f