Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
S/MIME must be installed on mobile device, so users can sign/encrypt email.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-24983 | WIR-MOS-iOS-003 | SV-30782r3_rule | ECSC-1 | Medium |
| Description |
|---|
| S/MIME provides the capability for users to send and receive S/MIME email messages from wireless email devices. S/MIME and digital signatures provide assurance the message is authentic and is required by DoD policy. Without S/MIME users will not be able to read encrypted email and will not be able to encrypt email with sensitive information. |
| STIG | Date |
|---|---|
| Apple iOS 6 Security Technical Implementation Guide (STIG) | 2013-05-23 |
Details
| Check Text ( C-31198r9_chk ) |
|---|
| Launch the mobile email client and verify S/MIME is installed in the client. The exact procedures will depend on which mobile email product is being used. Mark as a finding if the mobile email client does not have S/MIME configured. If the mobile email client does not have S/MIME configuration settings that can be viewed on the device, try to send a signed encrypted message to a known recipient and verify the recipient can decrypt and verify the digital signature. Mark as a finding if you are unable to send a signed and encrypted message or if the recipient is unable to decrypt and verify the digital signature. If the Good Technology client is used: •Log into the iOS device. •Open the Good application. •Go to Preferences. •Verify Smartcard and S/MIME specific settings are listed. |
| Fix Text (F-27624r5_fix) |
|---|
| Provision the mobile email client with S/MIME so users can digitally sign and encrypt email. |