AIOS-13-013100 - Apple iOS/iPadOS must implement the management setting: disable paired Apple Watch.

Information

The STIG requires AO approval before an Apple Watch (DoD owned or personally owned) can be paired with a DoD owned iPhone to insure the AO has evaluated the risk in having sensitive DoD data transferred to and stored on an Apple Watch in their operational environment.

SFR ID: FMT_SMF_EXT.1.1 #47

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

If the AO has not approved the use of Apple Watch with DoD owned iPhones, install a configuration profile to disable the Apple Watch control in the management tool. This a Supervised-only control.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apple_iOS_iPadOS_13_V2R1_STIG.zip

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-20(2), 800-53|CM-6(1), 800-53|CM-6b., CAT|II, CCI|CCI-000097, CCI|CCI-000366, CCI|CCI-000370, Rule-ID|SV-219388r604137_rule, STIG-ID|AIOS-13-013100, STIG-Legacy|SV-106609, STIG-Legacy|V-97505, Vuln-ID|V-219388

Plugin: MDM

Control ID: c27b77c85dc2c0ab1f04363d1546531226d72cf8256121e1710ad677e95190ae