800-53|AC-20(2)

Title

PORTABLE STORAGE DEVICES

Description

The organization [Selection: restricts; prohibits] the use of organization-controlled portable storage devices by authorized individuals on external information systems.

Supplemental

Limits on the use of organization-controlled portable storage devices in external information systems include, for example, complete prohibition of the use of such devices or restrictions on how the devices may be used and under what conditions the devices may be used.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: ACCESS CONTROL

Parent Title: USE OF EXTERNAL INFORMATION SYSTEMS

Family: ACCESS CONTROL

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
2.1.1.5 Audit Freeform Sync to iCloud	Unix	CIS Apple macOS 15.0 Sequoia v1.0.0 L2
2.1.1.5 Audit Freeform Sync to iCloud	Unix	CIS Apple macOS 14.0 Sonoma v2.0.0 L2
2.1.1.5 Audit Freeform Sync to iCloud	Unix	CIS Apple macOS 13.0 Ventura v3.0.0 L2
2.6.1.1 Audit iCloud Configuration	Unix	CIS Apple macOS 10.14 v2.0.0 L2
2.15 Audit Internet Accounts for Authorized Use	Unix	CIS Apple macOS 11.0 Big Sur v4.0.0 L1
2.16 Audit Internet Accounts for Authorized Use	Unix	CIS Apple macOS 12.0 Monterey v3.1.0 L1
2.17.1 Audit Internet Accounts for Authorized Use	Unix	CIS Apple macOS 13.0 Ventura v3.0.0 L1
3.2.1.6 Review 'Allow iCloud Keychain' settings	MDM	MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned
3.2.1.6 Review 'Allow iCloud Keychain' settings	MDM	AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned
3.2.1.6 Review 'Allow iCloud Keychain' settings	MDM	MobileIron - CIS Apple iOS 18 v1.0.0 L1 Institution Owned
3.2.1.6 Review 'Allow iCloud Keychain' settings	MDM	AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned
AIOS-11-080201 - Apple iOS must not allow backup to locally connected systems.	MDM	MobileIron - DISA Apple iOS 10 v1r3
AIOS-11-080201 - Apple iOS must not allow backup to locally connected systems.	MDM	AirWatch - DISA Apple iOS 10 v1r3
AIOS-12-012300 - A managed photo app must be used to take and store work related photos.	MDM	MobileIron - DISA Apple iOS 12 v2r1
AIOS-12-012300 - A managed photo app must be used to take and store work related photos.	MDM	AirWatch - DISA Apple iOS 12 v2r1
AIOS-13-012300 - A managed photo app must be used to take and store work-related photos.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-012300 - A managed photo app must be used to take and store work-related photos.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-012500 - Apple iOS/iPadOS must implement the management setting: enable USB Restricted Mode.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013000 - Apple iOS/iPadOS must implement the management setting: disable AirDrop.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013000 - Apple iOS/iPadOS must implement the management setting: disable AirDrop.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013100 - Apple iOS/iPadOS must implement the management setting: disable paired Apple Watch.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013100 - Apple iOS/iPadOS must implement the management setting: disable paired Apple Watch.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013200 - Apple iOS/iPadOS must disable password autofill in browsers and applications.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013200 - Apple iOS/iPadOS must disable password autofill in browsers and applications.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013300 - Apple iOS/iPadOS must disable allow setting up new nearby devices.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013300 - Apple iOS/iPadOS must disable allow setting up new nearby devices.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013400 - Apple iOS/iPadOS must disable password proximity requests.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013400 - Apple iOS/iPadOS must disable password proximity requests.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013500 - Apple iOS/iPadOS must disable password sharing.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013500 - Apple iOS/iPadOS must disable password sharing.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013600 - Apple iOS/iPadOS must disable Find My Friends in the Find My app.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013600 - Apple iOS/iPadOS must disable Find My Friends in the Find My app.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013800 - Apple iOS/iPadOS must disable Allow USB drive access in Files access if the AO has not approved the use of DoD approved USB storage drives with iOS/iPadOS devices.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013800 - Apple iOS/iPadOS must disable Allow USB drive access in Files access if the AO has not approved the use of DoD approved USB storage drives with iOS/iPadOS devices.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-14-003600 - The mobile operating system must be configured to not allow backup of [all applications, configuration data] to locally connected systems.	MDM	AirWatch - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-003600 - The mobile operating system must be configured to not allow backup of [all applications, configuration data] to locally connected systems.	MDM	MobileIron - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-003700 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud).	MDM	MobileIron - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-003700 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud).	MDM	AirWatch - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-003800 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud document and data synchronization).	MDM	AirWatch - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-003800 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud document and data synchronization).	MDM	MobileIron - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-003900 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud Keychain).	MDM	AirWatch - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-003900 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud Keychain).	MDM	MobileIron - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-004000 - Apple iOS/iPadOS must not allow backup to remote systems (My Photo Stream).	MDM	AirWatch - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-004000 - Apple iOS/iPadOS must not allow backup to remote systems (My Photo Stream).	MDM	MobileIron - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-004100 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud Photo Sharing, also known as Shared Photo Streams).	MDM	AirWatch - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-004100 - Apple iOS/iPadOS must not allow backup to remote systems (iCloud Photo Sharing, also known as Shared Photo Streams).	MDM	MobileIron - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-004200 - Apple iOS/iPadOS must not allow backup to remote systems (managed applications data stored in iCloud).	MDM	AirWatch - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-004200 - Apple iOS/iPadOS must not allow backup to remote systems (managed applications data stored in iCloud).	MDM	MobileIron - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-004300 - Apple iOS/iPadOS must not allow backup to remote systems (enterprise books).	MDM	MobileIron - DISA Apple iOS/iPadOS 14 v1r3
AIOS-14-004300 - Apple iOS/iPadOS must not allow backup to remote systems (enterprise books).	MDM	AirWatch - DISA Apple iOS/iPadOS 14 v1r3

Detections

Analytics