DISA STIGS Viewer

The mobile device used for BYOAD must be NIAP validated.

Overview

Finding ID Version Rule ID IA Controls Severity
V-272524 KNOX-15-802800 SV-272524r1098767_rule   High
Description
Nonapproved mobile devices may not include sufficient controls to protect work data, applications, and networks from malware or adversary attack. Components must only approve devices listed on the NIAP list of compliant products or products listed in evaluation at the following links respectively: - https://www.niap-ccevs.org/Product/ - https://www.niap-ccevs.org/Product/PINE.cfm Reference: DOD policy "Use of Non-Government Mobile Devices" (3.b.(1)i). SFR ID: FMT_SMF_EXT.1.1 #47
STIG Date
Samsung Android 15 BYOAD Security Technical Implementation Guide 2025-04-29

Details

Check Text (C-76605r1098343_chk)
Verify the mobile device used for BYOAD is NIAP-validated (included on the NIAP list of compliant products or products in evaluation).

If the mobile device used for BYOAD is not NIAP-validated (included on the NIAP list of compliant products or products in evaluation), this is a finding.
Fix Text (F-76510r1098344_fix)
Use only mobile devices for BYOAD that are NIAP-validated (included on the NIAP list of compliant products or products in evaluation).