7.2.2 Audit History and Remove History Items

Information

Organizational management of user web browsing history is a challenge affected by multiple facets. Organizations should decide whether to manage browser history and how much history should be maintained.

There are conflicting concerns in the retention of browser history. Unlimited retention:

- Consumes disk space
- Is preferred by on-disk forensics teams
- Is user searchable for old visited pages
- Raises some user privacy concerns
- Raises security concerns, because old links may be stale or may lead to pages that have since been compromised, changed, or now carry inappropriate content

Old browser history becomes stale and the use or misuse of the data can lead to unwanted outcomes. Search engine results are maintained and often provide much more relevant current information than old website visit information.

Solution

Profile Method:

Create or edit a configuration profile with the following information:

- The PayloadType string is com.apple.Safari
- The key to include is HistoryAgeInDaysLimit
- The key must be set to: <integer><1,7,14,31,365,36500></integer>

Note: Setting the plist key to a value that is not represented by the GUI could cause issues.

Note: Since the profile method sets a system-wide setting and not a user-level one, the profile method is the preferred method. It is always better to set system-wide than per user.
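One way to check a profile against the settings above before deploying it, as an added example that is not part of the benchmark or the audit plugin. The sample profile is constructed, and its identifiers, UUIDs, and the function name audit_history_limit are placeholders chosen for illustration.

```python
import plistlib

# Values the page lists for HistoryAgeInDaysLimit.
ALLOWED_DAYS = {1, 7, 14, 31, 365, 36500}

# Constructed sample profile; identifiers and UUIDs are placeholders.
SAMPLE_PROFILE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>PayloadType</key><string>Configuration</string>
  <key>PayloadIdentifier</key><string>com.example.safari-history</string>
  <key>PayloadUUID</key><string>00000000-0000-0000-0000-000000000001</string>
  <key>PayloadVersion</key><integer>1</integer>
  <key>PayloadContent</key>
  <array>
    <dict>
      <key>PayloadType</key><string>com.apple.Safari</string>
      <key>PayloadIdentifier</key><string>com.example.safari-history.safari</string>
      <key>PayloadUUID</key><string>00000000-0000-0000-0000-000000000002</string>
      <key>PayloadVersion</key><integer>1</integer>
      <key>HistoryAgeInDaysLimit</key><integer>31</integer>
    </dict>
  </array>
</dict>
</plist>
"""

def audit_history_limit(profile_bytes):
    """Return (passed, detail) for the Safari history retention key."""
    try:
        profile = plistlib.loads(profile_bytes)
    except Exception as exc:
        return False, f"unparseable profile: {exc}"
    content = profile.get("PayloadContent", []) if isinstance(profile, dict) else []
    payloads = [p for p in content
                if isinstance(p, dict) and p.get("PayloadType") == "com.apple.Safari"]
    if not payloads:
        return False, "no com.apple.Safari payload"
    for payload in payloads:
        value = payload.get("HistoryAgeInDaysLimit")
        # bool is a subclass of int in Python; <true/> must not pass as 1.
        if isinstance(value, bool) or not isinstance(value, int):
            return False, f"HistoryAgeInDaysLimit missing or not an integer: {value!r}"
        if value not in ALLOWED_DAYS:
            return False, f"HistoryAgeInDaysLimit={value} is not a GUI value"
    return True, "HistoryAgeInDaysLimit set to an allowed value"

if __name__ == "__main__":
    print(audit_history_limit(SAMPLE_PROFILE))
```

The check fails closed: a profile that cannot be parsed, has no com.apple.Safari payload, or carries the key with a non-integer type is reported as non-compliant rather than skipped.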

Impact:

If old browsing history is not available, it will not be available to authorized or unauthorized users. Some users may find old and even stale information useful.

See Also

https://workbench.cisecurity.org/benchmarks/15552

Item Details

Category: CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CM-10, 800-53|SC-18, CSCv7|7.1

Plugin: Unix

Control ID: 9fdeb1bbee6740cdf045a7390fe6ee84e3f4130a384327acf74401589396fc46