UCF STIG Viewer Logo

The mobile operating system must not permit a user to disable or modify the security policy or enforcement mechanisms on the device.


Finding ID Version Rule ID IA Controls Severity
V-32699 WIR-MOS-iOS-65-01 SV-43045r2_rule ECWN-1 High
The integrity of the security policy and enforcement mechanisms is critical to the IA posture of the operating system. If a user can modify a device's security policy or enforcement mechanisms, then a wide range of subsequent attacks are possible, including unauthorized access to information and networks. Access controls that prevent a user from making modifications such as these mitigate the risk of operating system compromise.
Apple iOS 6 Security Technical Implementation Guide (STIG) 2013-05-23


Check Text ( C-41062r6_chk )
Apple iOS 6 meets this requirement if an MDM profile is used on the iOS device to manage the device security policy. Verify an MDM profile is installed on a sample of devices (3-4): Settings > General > Profiles.

Mark as a finding if the site does not use an MDM profile to manage the security policy on site-managed iOS devices (it has already been verified that iOS 6 does not permit a user to modify the MDM profile).
Fix Text (F-36597r4_fix)
Use an MDM profile to manage the security policy on site-managed iOS devices.