Checklist Summary:

The Samsung Android OS 7 with Knox 2.x Security Technical Implementation Guide (STIG) provides the technical security policies, requirements, and implementation details for applying security concepts to Samsung Android 7.x with Knox devices. The scope of this STIG covers only the Corporate Owned Personally Enabled (COPE) and Corporate Owned Business Only (COBO)1 use cases. The Bring Your Own Device (BYOD) and Choose Your Own Device (CYOD)2 use cases are not in scope for this STIG. This STIG assumes that the COPE mobile device work only container is implemented using a technology or application that has been certified by the National Information Assurance Partnership (NIAP) as compliant with the data separation requirements of the Protection Profile for Mobile Device Fundamentals (MDF)3. As of the publication date of this STIG, the Samsung Knox container is the only container technology or application that is NIAP certified for Samsung mobile devices. The configuration requirements and controls implemented by this STIG allow unrestricted activity by the user in downloading and installing personal apps and data (music, photos, etc.) with Authorizing Official (AO) approval and within any restrictions imposed by the AO. See the STIG Supplemental document, Section 2.3, Configuration of the Personal Space/Container for more information. This STIG assumes that if a DoD WiFi network allows a Samsung mobile device to connect to the network, the WiFi network complies with the Network Infrastructure STIG (for example, wireless access points and bridges must not be directly connected to the enclave network and the network must separate wireless access from other elements of the enclave network).

Checklist Role:

• Operating System

Known Issues:

Not provided.

Target Audience:

This document is a requirement for all DoD administered systems and all systems connected to DoD networks. These requirements are designed to assist Security Managers (SMs), Information Assurance Managers (IAMs), Information Assurance Officers (IAOs), and System Administrators (SAs) with configuring and maintaining security controls.

Target Operational Environment:

• Managed
• Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

DoD Directive (DoDD) 8500.1 and 8500.2

Comments/Warnings/Miscellaneous:

Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document

Disclaimer:

Not provided.

Product Support:

Not provided.

Point of Contact:

Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Sponsor:

Developed by Samsung Electronics Co., Ltd.; Fixmo, Inc.; and General Dynamics C4 Systems, Inc. (GDC4S) in coordination with DISA for the DoD

Licensing:

Not provided.

Change History:

corrected resource title - 1/24/2018
Moved to FINAL - 03/30/2018

Dependency/Requirements:

URL	Description

References:

Reference URL	Description
https://iasecontent.disa.mil/stigs/pdf/U_Samsung_Android_OS_7_with_Knox_2-x_Ver1_Release_Memo.pdf	Samsung Android OS 7 (with Knox 2.x) Version 1 Release Memo

NIST checklist record last modified on 03/30/2018