| The following banner is required: |
“I've read & consent to terms in IS user agreem't.”
On the iOS device, complete the following:
Check a sample of devices (3-4). The procedure will vary, depending on the MDM server used. For iOS, the banner is only displayed when logging into the security container.
The banner must exactly match the required phrase.
Mark as a finding if the required banner is not configured to display during device unlock/logon.
If the Good Technology MDM server is used, complete the following:
1. Make a list of all iOS security policies listed on the MDM server that have been assigned to iOS devices and review each policy.
2. Select each security policy iOS devices are assigned to, and in turn, verify the required settings are in the policy. Verify either password or CAC authentication has been enabled for the MDM agent.
-Launch the Good Mobile Control Web console and click on the Policies tab.
-Select a policy set to review and click on the policy.
-On the left tab, select Compliance Manager.
-Verify a "Custom" or "iOS DoD Login Banner" rule is listed. (Note the rule title does not have to be exact.)
-Open the rule by checking the box next to the rule and then click Edit.
-Verify "Failure Action" is set to "Quit Good for Enterprise".
-Verify "Check Every" is set to "6 hours".
-Verify Rule File = disclaimer.xml.