KNOX-07-002400 - Disable all Bluetooth profiles except for HSP, HFP, and SPP - Disable Bluetooth Desktop Connectivity

Information

Some Bluetooth profiles provide the capability for remote transfer of sensitive DoD data without encryption or otherwise do not meet DoD IT security policies and therefore should be disabled.

SFR ID: FMT_SMF_EXT.1.1 #18h

NOTE: Nessus has identified that Bluetooth is disabled, which satisfies the requirement.

Solution

Configure the Samsung Android 7 with Knox to disable all Bluetooth profiles except for HSP, HFP, and SPP.

On the MDM console, make sure that all options are deselected except HFP, HSP, and SPP in the "Allowed Bluetooth Profiles" setting in the "Android Bluetooth" rule.

See Also

https://iasecontent.disa.mil/stigs/zip/U_Samsung_Android_OS_7_with_Knox_2-x_V1R1_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., 800-53|CM-7(1)(b), CAT|III, CCI|CCI-000366, CCI|CCI-001761, Rule-ID|SV-91237r1_rule, STIG-ID|KNOX-07-002400, Vuln-ID|V-76541

Plugin: MDM

Control ID: f1f461351a4a8d983eda33083dd462d386bb91d0f7366b49aff123837e556e14