|Finding ID||Version||Rule ID||IA Controls||Severity|
|This is an operational security issue. DoD sensitive information could be compromised if cameras are allowed in areas not authorized by the site physical security plan.|
|Apple iOS6 Security Technical Implementation Guide||2014-10-07|
|Check Text ( C-31218r7_chk )|
| Note: The site has the ability to disable the camera by using the iPhone profile if camera use is not approved, or allow the use of the camera if use is approved and documented in the site physical security policy. |
1. Make a list of all iOS security policies listed on the MDM server that have been assigned to iOS devices and review each policy.
2. Select each security policy iOS devices are assigned to, and in turn, verify the required settings are in the policy. Determine if “Allow use of camera” is unchecked or checked.
If checked, verify the site physical security policy allows the use of CMD cameras.
Mark as a finding if “Allow use of camera” is checked in the iOS policy on the MDM and the site physical security policy does not allow the use of CMD cameras.
Note: If there is a finding, note the name of the policy in the Findings Details section in VMS/Component Provided Tracking Database.
|Fix Text (F-27665r3_fix)|
|Disable (uncheck) "Allow use of camera" in the iOS policy on the MDM server unless documented approval exists in the site physical security policy.|