Samsung Android 16 must disable the use of assistants (including Samsung Assistant) unless required to meet Section 508 compliance requirements.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| low | V-276640 | PP-MDF-993300 | KNOX-16-011100 | SV-276640r1139442_rule | 2025-09-22 | 1 |
| Description |
|---|
| The use of assistants could expose sensitive DOD data to cloud based servers during the processing of assistant requests. SFR ID: FMT_MOF_EXT.1.2 #47 |
| ℹ️ Check |
|---|
| Review configuration settings to confirm the use of assistants has been disabled. This check procedure is performed on the device management tool and the Samsung Android 16 device. On the MDM console: COBO/COPE procedures: 1. Open user restrictions. 2. Verify that "Disallow assist content" is enabled. 3. Verify that the Gemini App in the Managed Samsung Play Store has not been added to the allowlist. On the managed Samsung Android 16 device: 1. Try to invoke the Google Assistant and note that it will not execute. 2. Verify the Gemini app is not installed and that it is not listed in the Managed Samsung Play Store. If the use of assistants has not been disabled, this is a finding. Note: This control also disables Gemini from being invoked if it was previously installed. |
| ✔️ Fix |
|---|
| Configure the Samsung Android 16 device to disable the use of all assistants. On the MDM console, do the following: COBO procedures: 1. Open user restrictions. 2. Enable "Disallow assist content". 3. Do not allowlist the Gemini App in the Managed Samsung Play Store. COPE procedures: 1. Open user restrictions. 2. Enable "Disallow assist content". 3. Do not allowlist the Gemini App in the Managed Samsung Play Store. Note: This control also disables Gemini from being invoked if it was previously installed. API: addUserRestriction, DISALLOW_ASSIST_CONTENT |