LG Android 6.x must enable VPN protection.

From LG Android 6.x Security Technical Implementation Guide

Part of PP-MDF-201025

Associated with: CCI-000366

SV-81329r2_rule LG Android 6.x must enable VPN protection.

Vulnerability discussion

A key characteristic of a mobile device is that they typically will communicate wirelessly and are often expected to reside in locations outside the physical security perimeter of a DoD facility. In these circumstances, the threat of eavesdropping is substantial. Virtual private networks (VPNs) provide confidentiality and integrity protection for data transmitted over untrusted media (e.g., air) and networks (e.g., the Internet). They also provide authentication services to ensure that only authorized users are able to use them. Consequently, enabling VPN protection counters threats to communications to and from mobile devices.SFR ID: FMT_SMF_EXT.1.1 #03

Check content

This validation procedure is performed on both the MDM Administration Console and the LG for Android device. On the MDM console, do the following: 1. Ask the MDM administrator to display the list of configured VPN profiles in the "VPN profiles" rule. 2. Verify the list includes the organization VPN profile. On the LG Android device: 1. Open Settings >> Networks >> VPN. 2. Select "LG VPN". 3. Verify the list includes the organization VPN profile. If on the MDM console the organization VPN profile has not been set up or on the LG Android device the organization profile is not listed under "LG VPN", this is a finding.

Fix text

Configure the mobile operating system to enable VPN protection. On the MDM Administration Console, configure the organization VPN profile in the "VPN profiles" rule.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer