AIOS-10-080103 - Apple iOS must implement the management setting: not allow user to remove profiles that enforce DoD security requirements.

Information

Configuration profiles define security policies on Apple iOS devices. If a user is able to remove a configuration profile, the user can then change the configuration that had been enforced by that policy. Relaxing security policies may introduce vulnerabilities that the profiles had mitigated. Configuring a profile to never be removed mitigates this risk.

Solution

Configure the Apple iOS configuration profile such that it can never be removed.

See Also

http://iasecontent.disa.mil/stigs/zip/U_Apple_iOS_10_V1R3_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-86503r1_rule, STIG-ID|AIOS-10-080103, Vuln-ID|V-71879

Plugin: MDM

Control ID: bf3b382d677133e2a164a7a500e1e3ed64b71ad66002835d5953e82e1bd3c4da