UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The mobile operating system must employ a DoD approved anti-malware protections.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32716 WIR-MOS-iOS-65-15 SV-43062r1_rule ECVP-1 High
Description
In order to minimize potential negative impact to the organization that can be caused by malicious code, it is imperative that malicious code is identified and eradicated. Malicious code includes viruses, worms, Trojan horses, and spyware. Malicious code can result in the disclosure of sensitive information or cause a denial of service. Anti-virus applications are not common on mobile operating systems but one or more methods to mitigate the risk of malware must be in place to protect DoD information and networks.
STIG Date
Apple iOS 6 Interim Security Configuration Guide (ISCG) 2013-01-17

Details

Check Text ( C-41076r4_chk )
The method for meeting this requirement using an iOS device is by implementing MDIS and MAM servers in the system architecture.

Verify the site has implemented both the MDIS and MAM servers by reviewing system documentation and interviewing the IAO and verify the MDIS and MAM agents are installed on a sample (3-4) of site managed devices.

Mark as a finding if an MDIS and MAM server are not installed in the system architecture.
Fix Text (F-36611r2_fix)
Install MDIS and MAM servers in the system architecture.