Google Android 16 must be configured to disable all data signaling over [assignment: list of externally accessible hardware ports (for example, USB)].
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-276885 | PP-MDF-993300 | GOOG-16-012200 | SV-276885r1140447_rule | 2025-09-18 | 1 |
| Description |
|---|
| If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses unacceptable risk to DOD information systems. An adversary could exploit vulnerabilities created by the weaker configuration to compromise DOD sensitive information. SFR ID: FMT_MOF_EXT.1.2 #24 |
| ℹ️ Check |
|---|
| Review the device configuration to confirm that the USB port is disabled except for charging the device. On the EMM console: COBO and COPE: 1. Open "Set user restrictions". 2. Verify that "Disallow USB file transfer" is set to "ON". If on the EMM console the USB port is not disabled ("Disallow USB file transfer" is set to "ON"), this is a finding. |
| ✔️ Fix |
|---|
| Configure the Google Android 16 device to disable the USB port (except for charging the device). On the EMM console: COBO and COPE: 1. Open "Set user restrictions". 2. Toggle "Disallow USB file transfer" to "ON". Configuration API: DISALLOW_USB_FILE_TRANSFER |