2.14.1 Audit Game Center Settings

Information

With macOS 10.13, Apple has introduced a separate section for Game Center in System Settings. It is possible to log in with the Apple Account and use the iCloud-based Game Center services.

Game Center is a feature from Apple that allows users to engage in game-related activities with friends when playing multiplayer games online on the Game Center social network. User profile data such as nickname, contact discovery, and also nearby players may be shared through iCloud.

Apple collects information here, such as the games users play and when they play them, all scores and achievements, and the challenges users send and receive. This information is used to track users' high scores, achievements, and challenges and to improve Game Center.

The automatic sign in to Game Center with AppleID should be disabled if not aligned with organizational rules

Personal profile visibility, Finding by Friends, requests from Contacts, Nearby Player detection and Connecting with Friends are all visibility options that should be risk accepted through an organizational policy before use.

Users should not sign in to Game Center on organizational managed devices if not covered under acceptable use. For personal devices Game Center should not be signed in if the user is not using Apple's gaming service.

Ensure Game Center service is used consistently with organizational requirements.

Solution

Profile Method:

Create or edit a configuration profile with the following information:

- The PayloadType string is com.apple.applicationaccess
- The key to include is allowGameCenter
- The key should be set <true/> to allow Game Center, or <false/> to disable it, based on your organization's requirements

Impact:

Game Center is designed as a social network to use Apple's gaming service and includes capabilities to discover players in the service as through local network discovery. If the Apple feature is not needed it should not be on, and should not be signed in.

See Also

https://workbench.cisecurity.org/benchmarks/18636

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b.

Plugin: Unix

Control ID: 67435b5683f79a37ec3657ca0d104a22be06d5b3b82ef5cdcaf1ffd42e3d0d7d