The Samsung Knox for Android platform must implement the management setting: Disable NFC.

From Samsung Android OS 5 with Knox 2.0 Security Technical Implementation Guide

Part of PP-MDF-991000

Associated with: CCI-000366

SV-75683r1_rule The Samsung Knox for Android platform must implement the management setting: Disable NFC.

Vulnerability discussion

NFC is a wireless technology that transmits small amounts of information from the device to the NFC reader. Any data transmitted can be potentially compromised. Disabling this feature mitigates this risk.SFR ID: FMT_SMF_EXT.1.1 #45

Check content

This validation procedure is performed on both the MDM Administration Console and the Samsung Knox for Android device. Check whether the appropriate setting is configured on the MDM Administration Console: 1. Ask the MDM administrator to display the "Allow NFC" setting in the "Android Restrictions" rule. 2. Verify the setting is disabled. On the Samsung Knox for Android device: 1. Open device settings. 2. Select "NFC". 3. Verify the setting is disabled. If the "Allow NFC" configuration in the MDM console is enabled, or if the setting is enabled on the device, this is a finding.

Fix text

Configure the mobile operating system to disable NFC. On the MDM Administration Console, disable the "Allow NFC" setting in the "Android Restrictions" rule.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer