From Samsung Android OS 8 with Knox 3.x COPE Use Case Security Technical Implementation Guide
Part of PP-MDF-991000
Associated with: CCI-000366
Application notifications can include DoD sensitive data. If made available outside the CONTAINER, this information will be accessible to personal applications, resulting in potential compromise of DoD data.
Review Samsung Android 8 with Knox configuration settings to determine if the mobile device is enforcing disabled sharing of notification details outside the CONTAINER when the CONTAINER is locked. This validation procedure is performed on both the MDM Administration Console and the Samsung Android 8 with Knox device. On the MDM console, do the following: 1. Ask the MDM Administrator to display the "Allow Show detailed notifications" setting in the "Android Knox CONTAINER >> CONTAINER Restrictions" rule. 2. Verify the setting is disabled. On the Samsung Android 8 with Knox device, do the following: 1. Open the Knox CONTAINER. 2. Select "Workspace Settings". 3. Select "Notifications and data". 4. Verify "Show notification content" is disabled and attempt to enable this setting. If the MDM console "Allow Show detailed notifications" is not set to disabled or on the Samsung Android 8 with Knox device, the user is able to enable this setting, this is a finding.
Configure Samsung Android 8 with Knox to enforce disabled sharing of notification details outside the CONTAINER when the CONTAINER is locked. On the MDM console, disable the "Allow Show detailed notifications" setting in the "Android Knox CONTAINER >> CONTAINER Restrictions" rule.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer