AIOS-11-012400 - Apple iOS must implement the management setting: not allow a user to remove DoD security configuration profiles.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Configuration profiles define security policies on Apple iOS devices. If a user is able to remove a configuration profile, the user can then change the configuration that had been enforced by that policy. Relaxing security policies may introduce vulnerabilities that the profiles had mitigated. Configuring a profile to never be removed mitigates this risk.

Solution

Configure the Apple iOS configuration profile such that it can never be removed.

See Also

https://iasecontent.disa.mil/stigs/zip/U_Apple_iOS_11_V1R4_STIG.zip

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-19, 800-53|CM-7, CAT|II, CCI|CCI-000366, CSCv6|9.1, Rule-ID|SV-93139r1_rule, STIG-ID|AIOS-11-012400, Vuln-ID|V-78433

Plugin: MDM

Control ID: c83c8d0333f2fd204db2ef7408b3f9476432dac963c5d1752271d17057bb0ad5