UCF STIG Viewer Logo

Mobile device cameras must be used only if documented approval is in the site physical security policy.


Overview

Finding ID Version Rule ID IA Controls Severity
V-25014 WIR-MOS-iOS-G-021 SV-30799r3_rule ECWN-1 Low
Description
This is an operational security issue. DoD sensitive information could be compromised if cameras are allowed in areas not authorized by the site physical security plan.
STIG Date
Apple iOS6 Security Technical Implementation Guide 2014-10-07

Details

Check Text ( C-31218r7_chk )
Note: The site has the ability to disable the camera by using the iPhone profile if camera use is not approved, or allow the use of the camera if use is approved and documented in the site physical security policy.

1. Make a list of all iOS security policies listed on the MDM server that have been assigned to iOS devices and review each policy.
2. Select each security policy iOS devices are assigned to, and in turn, verify the required settings are in the policy. Determine if “Allow use of camera” is unchecked or checked.
If checked, verify the site physical security policy allows the use of CMD cameras.

Mark as a finding if “Allow use of camera” is checked in the iOS policy on the MDM and the site physical security policy does not allow the use of CMD cameras.

Note: If there is a finding, note the name of the policy in the Findings Details section in VMS/Component Provided Tracking Database.
Fix Text (F-27665r3_fix)
Disable (uncheck) "Allow use of camera" in the iOS policy on the MDM server unless documented approval exists in the site physical security policy.