Detections
Analytics

AirWatch - DISA Google Android 15 COPE STIG v1r2

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: AirWatch - DISA Google Android 15 COPE STIG v1r2

Updated: 3/6/2026

Authority: DISA STIG

Plugin: MDM

Revision: 1.2

Estimated Item Count: 40

File Details

Filename: DISA_STIG_Google_Android_15_COPE_v1r2-AirWatch.audit

Size: 77.6 kB

MD5: 2e5b242b54ae2cd1bacc53a5a22f00ef
SHA256: d4bc79b8cd62ec9ddb3a22652e0c5900f335c01c3e2721dc50c63715fa0de69e

Audit Items

DescriptionCategories
GOOG-15-002800 - Google Android 15 must be configured to enable audit logging.
GOOG-15-006000 - Google Android 15 must be configured to enforce a minimum password length of six characters.
GOOG-15-006100 - Google Android 15 must be configured to not allow passwords that include more than four repeating or sequential characters - Characters
GOOG-15-006100 - Google Android 15 must be configured to not allow passwords that include more than four repeating or sequential characters - Numbers
GOOG-15-006300 - Google Android 15 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity.
GOOG-15-006400 - Google Android 15 must be configured to not allow more than 10 consecutive failed authentication attempts.
GOOG-15-006500 - Google Android 15 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store].
GOOG-15-006600 - Google Android 15 must be configured to enforce an application installation policy by specifying an application allow list that restricts applications by the following characteristics: [selection: list of digital signatures, cryptographic hash values, names, application version].
GOOG-15-006700 - Google Android 15 allow list must be configured to not include applications with the following characteristics:
GOOG-15-006750 - Google Android 15 allow list must be configured to not include artificial intelligence (AI) applications that process device data in the cloud, including Google Gemini.
GOOG-15-006800 - Google Android 15 must be configured to not display the following (work profile) notifications when the device is locked:
GOOG-15-007200 - Google Android 15 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation.
GOOG-15-007400 - Google Android 15 must be configured to disable developer modes.
GOOG-15-007700 - Google Android 15 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device.
GOOG-15-007800 - Google Android 15 must be configured to generate audit records for the following auditable events: Detected integrity violations.
GOOG-15-008400 - Google Android 15 must be configured to disable USB mass storage mode.
GOOG-15-008500 - Google Android 15 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.
GOOG-15-008600 - Google Android 15 must be configured to not allow backup of [all applications, configuration data] to remote systems.
GOOG-15-008700 - Google Android 15 must be configured to enable authentication of personal hotspot connections to the device using a preshared key.
GOOG-15-008900 - Google Android 15 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].
GOOG-15-009000 - Google Android 15 must be configured to disable multiuser modes.
GOOG-15-009400 - Google Android 15 must be configured to disable all Bluetooth profiles except for HSP (Headset Profile), HFP (Hands-Free Profile), SPP (Serial Port Profile), A2DP (Advanced Audio Distribution Profile), AVRCP (Audio/Video Remote Control Profile), and PBAP (Phone Book Access Profile) - SPP.
GOOG-15-009500 - Google Android 15 must be configured to disable ad hoc wireless client-to-client connection capability.
GOOG-15-009800 - Google Android 15 users must complete required training.
GOOG-15-009900 - Google Android 15 must be configured to disable Wi-Fi Sharing.
GOOG-15-009950 - Google Android 15 must be configured to enforce a password for Wi-Fi and Bluetooth hotspot, if approved for use by the authorizing official (AO). If not approved for use, Wi-Fi and Bluetooth hotspot must be disabled.
GOOG-15-010000 - Google Android 15 must have the DOD root and intermediate PKI certificates installed.
GOOG-15-010100 - The Google Android 15 work profile must be configured to prevent users from adding personal email accounts to the work email app.
GOOG-15-010200 - The Google Android 15 work profile must be configured to enforce the system application disable list.
GOOG-15-010300 - Google Android 15 must be provisioned as a fully managed device and configured to create a work profile.
GOOG-15-010400 - The Google Android 15 work profile must be configured to disable automatic completion of workspace internet browser text input.
GOOG-15-010500 - The Google Android 15 work profile must be configured to disable the autofill services.
GOOG-15-010600 - Google Android 15 must be configured to disallow configuration of date and time.
GOOG-15-010800 - Android 15 devices must have the latest available Google Android 15 operating system installed.
GOOG-15-010900 - Android 15 devices must be configured to disable the use of third-party keyboards.
GOOG-15-011000 - Android 15 devices must be configured to enable Common Criteria (CC) Mode - CC Mode.
GOOG-15-012200 - Google Android 15 must be configured to disable all data signaling over [assignment: list of externally accessible hardware ports (for example, USB)] - for example, USB].
GOOG-15-012300 - The Google Android 15 must allow only the administrator (EMM) to install/remove DOD root and intermediate PKI certificates - EMM to install/remove DOD root and intermediate PKI certificates.
GOOG-15-012400 - Google Android 15 must allow only the administrator (MDM) to perform the following management function: Disable Phone Hub - MDM to perform the following management function: Disable Phone Hub.
GOOG-15-012500 - Google Android 15 must be configured to disable 'Private Space' use.