|Finding ID||Version||Rule ID||IA Controls||Severity|
|The Safari browser does not support FIPS 140-2 validated encryption and CAC authentication to DoD websites. FIPS validation provides a level of assurance that encrypted sensitive data will not be compromised.|
|Apple iOS6 Security Technical Implementation Guide||2014-10-07|
|Check Text ( C-31256r5_chk )|
| 1. Make a list of all iOS security policies listed on the MDM server that have been assigned to iOS devices and review each policy. |
2. Select each security policy iOS devices are assigned to, and in turn, verify the required settings are in the policy. Verify “Allow use of Safari” is not checked.
Mark as a finding if the required rule is not set up on the MDM server.
Note: If there is a finding, note the name of the policy in the Findings Details section in VMS/Component Provided Tracking Database.
|Fix Text (F-27720r3_fix)|
|Disable (uncheck) "Allow use of Safari" in the iOS policy on the MDM server.|