MSFT-11-005400 - Microsoft Android 11 must allow the Administrator (EMM) to perform the following management function: Wipe Enterprise data.

Information

When a user's device is lost or stolen, it is useful to remotely wipe it as soon as possible to avoid loss of DOD sensitive information. The Administrator must have the capability to force a wipe on a lost or stolen device to reduce the risk of compromise of sensitive DOD data. This capability mitigates that risk.

SFR ID: FMT_SMF_EXT.1.1 #28

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

To perform the wipe of Enterprise data function on a Microsoft Android 11 device (when required):

On the EMM console:
1. Open 'Managed work profile specific policies'.
2. Select 'Remove work profile'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Android_11_FY24M07_STIG.zip

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-7(2), 800-53|CM-6(1), CAT|II, CCI|CCI-000370, CCI|CCI-002242, Rule-ID|SV-255221r959010_rule, STIG-ID|MSFT-11-005400, Vuln-ID|V-255221

Plugin: MDM

Control ID: 13f6ad075ca8ca795b4a1c64f49589262359b70029b5f0a2c5ccca049fc7389a