S/MIME must be installed on mobile device, so users can sign/encrypt email
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-24983 | WIR-MOS-iOS-003 | SV-30782r2_rule | ECSC-1 | Medium |
| Description |
|---|
| S/MIME provides the capability for users to send and receive S/MIME email messages from wireless email devices. S/MIME and digital signatures provide assurance the message is authentic and is required by DoD policy. Without S/MIME users will not be able to read encrypted email and will not be able to encrypt email with sensitive information. |
| STIG | Date |
|---|---|
| Apple iOS 5 Security Technical Implementation Guide (STIG) | 2012-07-20 |
Details
| Check Text ( C-31198r4_chk ) |
|---|
| Launch the mobile email client and verify S/MIME is installed in the client. The exact procedures will depend on which mobile email product is being used. Mark as a finding if not compliant. |
| Fix Text (F-27624r4_fix) |
|---|
| Provision the mobile email client with S/MIME so users can digitally sign and encrypt emergency and/or critical email notifications. |