GOOG-10-008800 - Google Android 10 must be configured to enforce that Wi-Fi Sharing is disabled.

Information

Wi-Fi Sharing is an optional configuration of Wi-Fi Tethering/Mobile Hotspot, which allows the device to share its Wi-Fi connection with other wirelessly connected devices instead of its mobile (cellular) connection.

Wi-Fi Sharing grants the 'other' device access to a corporate Wi-Fi network and may possibly bypass the network access control mechanisms. This risk can be partially mitigated by requiring the use of a preshared key for personal hotspots.

SFR ID: FMT_SMF_EXT.1.1 #47

Solution

Configure Google Android 10 to disable Wi-Fi Sharing.

Mobile Hotspot must be enabled in order to enable Wi-Fi Sharing. If the AO has not approved Mobile Hotspot, and it has been disabled on the MDM console, no further action is needed. If Mobile Hotspot is being used, use the following procedure to disable Wi-Fi Sharing:

On the MDM console:
1. Open the User restrictions setting.
2. Set 'Disallow config tethering' to on.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Google_Android_10-x_V1R2_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-108067r1_rule, STIG-ID|GOOG-10-008800, Vuln-ID|V-98963

Plugin: MDM

Control ID: 23695b8949f562a0c99964d6bc81c496c6db2a20de01f138481c9e9da4cd4ae4