3.2.1.4 Ensure 'Allow iCloud backup' is set to 'Disabled'

Information

This recommendation pertains to allowing iCloud backup.

Rationale:

iCloud backups are encrypted in transit and at rest within Apple's infrastructure, but there is no protection against restoring a backup to an unmanaged device. This allows for data leakage.

Solution

1. Open Apple Configurator.
2. Open the Configuration Profile.
3. In the left windowpane, click on the 'Restrictions' tab.
4. In the right windowpane, under the tab 'Functionality', 'uncheck' the checkbox for 'Allow iCloud backup'.
5. Deploy the Configuration Profile.

Impact:

None.

See Also

https://workbench.cisecurity.org/files/1806

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b., CSCv6|14

Plugin: MDM

Control ID: ac233ce9ddaf5bc012d09ace8f3a075d4a0b22eb8a37aa9abc597a2d41c2c9bb