GOOG-09-000800 - The Google Android Pie must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DoD-approved commercial app repository, MDM server, mobile application store] - Google Play

Information

Forcing all applications to be installed from authorized application repositories can prevent unauthorized and malicious applications from being installed and executed on mobile devices. Allowing such installations and executions could cause a compromise of DoD data accessible by these unauthorized/malicious applications.

SFR ID: FMT_SMF_EXT.1.1 #8a

Solution

Configure the Google Android device to disable unauthorized application repositories.

On the MDM Console:
1. Open restrictions section.
2. Open Restrictions Section.
3. Set Allow 'Google Play' (Uses only Managed Google Play).
4. Set Disallow 'Install unknown sources'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Google_Android_9-x_V2R1_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., 800-53|CM-11b., CAT|II, CCI|CCI-000366, CCI|CCI-001806, Rule-ID|SV-228283r852692_rule, STIG-ID|GOOG-09-000800, STIG-Legacy|SV-106419, STIG-Legacy|V-97315, Vuln-ID|V-228283

Plugin: MDM

Control ID: c65d9a5da9dcbb549bbcfa8420f41ee57554575cc2c66aec208a32b1fc28705b