MASTG-MITIG-0004: Exclude Sensitive Data from Backups

For the sensitive files found, instruct the system to exclude them from the backup:

• If you are using Auto Backup, mark them with the exclude tag in backup_rules.xml (for Android 11 or lower using android:fullBackupContent) or data_extraction_rules.xml (for Android 12 and higher using android:dataExtractionRules), depending on the target API. Make sure to use both the cloud-backup and device-transfer parameters.
• If you are using the key-value approach, set up your BackupAgent accordingly.

Tests

MASTG-TEST-0216: Sensitive Data Not Excluded From Backup