AIOS-03-080101 - Apple iOS must implement the management setting: use SSL for Exchange ActiveSync.

Information

Exchange email messages are a form of data in transit and thus are vulnerable to eavesdropping and man-in-the-middle attacks. Secure Sockets Layer (SSL), also referred to as Transport Layer Security (TLS), provides encryption and authentication services that mitigate the risk of breach.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Install a configuration profile to use SSL for Exchange ActiveSync.

See Also

http://iasecontent.disa.mil/stigs/zip/U_Apple_iOS_10_V1R3_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-86491r1_rule, STIG-ID|AIOS-03-080101, Vuln-ID|V-71867

Plugin: MDM

Control ID: cc76560dfb16f072a49bdaf67971376e616b06aeb64810dbc2600cefa40ce728