UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Apple iOS must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: Apple App Store].


Overview

Finding ID Version Rule ID IA Controls Severity
V-78367 AIOS-11-000900 SV-93073r1_rule Medium
Description
Forcing all applications to be installed from authorized application repositories can prevent unauthorized and malicious applications from being installed and executed on mobile devices. Allowing such installations and executions could cause a compromise of DoD data accessible by these unauthorized/malicious applications. SFR ID: FMT_SMF_EXT.1.1 #8a
STIG Date
Apple iOS 11 Security Technical Implementation Guide 2018-09-19

Details

Check Text ( C-77929r1_chk )
Review configuration settings to confirm "Allow Trusting New Enterprise App Authors" restriction is disabled.

This procedure is performed in the Apple iOS management tool and on the Apple iOS device.

Note: If an organization has multiple configuration profiles, the check procedure must be performed on the relevant configuration profiles applicable to the scope of the review.

In the Management tool, verify the "Allow Trusting New Enterprise App Authors" is disabled.

On the Apple iOS device:
1. Open the Settings app.
2. Tap "General".
3. Tap "Profiles & Device Management".
4. Tap the Configuration Profile from the Apple iOS management tool containing the password policy.
5. Tap "Restrictions".
6. Verify "Allow Trusting New Enterprise App Authors" is listed.

If the "Allow Trusting New Enterprise App Authors" is not disabled in the iOS management tool or on the Apple iOS device, this is a finding.
Fix Text (F-85099r1_fix)
Install a configuration profile to disable "Allow Trusting New Enterprise App Authors".