AIOS-17-010800 - Apple iOS/iPadOS 17 must implement the management setting: not allow use of Handoff.

Information

Handoff permits a user of an iPhone and iPad to transition user activities from one device to another. Handoff passes sufficient information between the devices to describe the activity, but app data synchronization associated with the activity is handled though iCloud, which should be disabled on a compliant iPhone and iPad. If a user associates both DOD and personal devices to the same Apple ID, the user may improperly reveal information about the nature of the user's activities on an unprotected device. Disabling Handoff mitigates this risk.

SFR ID: FMT_SMF_EXT.1.1 #47

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Install a configuration profile to disable continuation of activities among devices and workstations.

This requirement will become 'Supervised only' in a future iOS/iPadOS release.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apple_iOS-iPadOS_17_V2R1_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., 800-53|CM-7a., CAT|III, CCI|CCI-000366, CCI|CCI-000381, Rule-ID|SV-258342r959010_rule, STIG-ID|AIOS-17-010800, Vuln-ID|V-258342

Plugin: MDM

Control ID: 9f55d7d35494f01690ce7248bcccb0c0c883dbbb6740d344e267c413c70b8bbb