AIOS-02-080004 - Apple iOS must not allow backup to remote systems (iCloud Keychain).

Information

The iCloud Keychain is an Apple iOS function that will store users' account names and passwords in iCloud and then synchronize this data among the users' Macs, iPhones, and iPads. An adversary may use any of the stored iCloud keychain passwords after unlocking one of the synchronized devices. If a user is synchronizing devices, the user must protect all of the devices to prevent unauthorized use of the passcodes. Moreover, the keychain being transmitted through the cloud opens the possibility that a well-resourced, sophisticated adversary could compromise the cloud-transmitted keychain. Not allowing the iCloud Keychain feature mitigates the risk of the encrypted set of passwords being compromised when transmitted through the cloud or synchronized across multiple devices.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Install a configuration profile to disable iCloud keychain.

See Also

http://iasecontent.disa.mil/stigs/zip/U_Apple_iOS_10_V1R3_STIG.zip

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-20(3), 800-53|CM-6b., CAT|II, CCI|CCI-000366, CCI|CCI-002338, Rule-ID|SV-86411r1_rule, STIG-ID|AIOS-02-080004, Vuln-ID|V-71787

Plugin: MDM

Control ID: d3b147e4797a38320fcc7dc1ac452cd87ca3b0b2d34f58738fd166a05b0dbb27