Google Android 16 must disable the use of assistants (including Google Assistant) unless required to meet Section 508 compliance requirements.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| low | V-276890 | PP-MDF-993300 | GOOG-16-013100 | SV-276890r1140462_rule | 2025-09-18 | 1 |
| Description |
|---|
| The use of assistants could expose sensitive DOD data to cloud-based servers during the processing of assistant requests. SFR ID: FMT_MOF_EXT.1.2 #47 |
| ℹ️ Check |
|---|
| Review configuration settings to confirm the use of assistants has been disabled. This check procedure is performed on the device management tool and the Google Android 16 device. On the MDM console: COBO and COPE: 1. Open user restrictions. 2. Verify that "Disallow assist content" is enabled. 3. Verify that the Gemini App in the Managed Google Play Store has not been added to the allowlist. On the managed Google Android 16 device: 1. Try to invoke the Google Assistant and note that it will not execute. 2. Verify that the Gemini app is not installed and that it is not listed in the Managed Google Play Store. If the use of assistants has not been disabled, this is a finding. Note: This control also disables Gemini from being invoked if it was previously installed. |
| ✔️ Fix |
|---|
| Configure the Google Android 16 device to disable the use of all assistants. On the MDM console, do the following: COBO and COPE: 1. Open user restrictions. 2. Enable "Disallow assist content". 3. Do not allowlist the Gemini App in the Managed Google Play Store. Note: This control also disables Gemini from being invoked if it was previously installed. Configuration API: ASSIST_CONTENT_DISALLOWED |