Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-32699 | WIR-MOS-iOS-65-01 | SV-43045r1_rule | ECWN-1 | High |
Description |
---|
The integrity of the security policy and enforcement mechanisms is critical to the IA posture of the operating system. If a user can modify a device's security policy or enforcement mechanisms, then a wide range of subsequent attacks are possible, including unauthorized access to information and networks. Access controls that prevent a user from making modifications such as these mitigate the risk of operating system compromise. |
STIG | Date |
---|---|
Apple iOS 6 Interim Security Configuration Guide (ISCG) | 2013-01-17 |
Check Text ( C-41062r5_chk ) |
---|
Apple iOS 6 meets this requirement if an MDM profile is used on the iOS device to manage the device security policy. Verify an MDM profile is installed on a sample of devices (3-4): Settings > General > Profiles Mark as a finding if the site does not use an MDM profile to manage the security policy on site managed iOS devices (it has already been verified that iOS 6 does not permit a user to modify the MDM profile). |
Fix Text (F-36597r3_fix) |
---|
Use an MDM profile to manage the security policy on site managed iOS devices. |