AIOS-16-011500 - Apple iOS/iPadOS 16 must implement the management setting: Treat AirDrop as an unmanaged destination.

Information

AirDrop is a way to send contact information or photos to other users with AirDrop enabled. This feature enables a possible attack vector for adversaries to exploit. Once the attacker has gained access to the information broadcast by this feature, the attacker may distribute this sensitive information very quickly and without DoD's control or awareness. By disabling this feature, the risk of mass data exfiltration will be mitigated.

Note: If the site uses Apple's optional Automatic Device Enrollment, this control is available as a supervised MDM control.

SFR ID: FMT_SMF_EXT.1.1 #47

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Install a configuration profile to treat AirDrop as an unmanaged destination.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apple_iOS-iPadOS_16_V2R1_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

References: 800-53|CM-6b., 800-53|IA-5(14), CAT|II, CCI|CCI-000366, CCI|CCI-002008, Rule-ID|SV-254617r959010_rule, STIG-ID|AIOS-16-011500, Vuln-ID|V-254617

Plugin: MDM

Control ID: 691c7b6848c0df50df453ca313d0ecb89af2ca9e54de87f79cabf72f58456952