Apple iOS must require a valid password be successfully entered before the mobile device data is unencrypted.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-54241 | AIOS-01-080006 | SV-68487r1_rule | High |
| Description |
|---|
| Encryption is only effective if the decryption procedure is protected. If an adversary can easily access the private key (either directly or through a software application), sensitive DoD data is likely to be disclosed. Password protection is one method to reduce the likelihood of such an occurrence. SFR ID: FMT_SMF.1.1 #42 |
| STIG | Date |
|---|---|
| Apple iOS 8 Interim Security Configuration Guide | 2014-09-16 |
Details
| Check Text ( C-54877r3_chk ) |
|---|
| Review configuration settings to confirm the device is set to require a passcode before use. This procedure is performed on the iOS device. On the iOS device: 1. Lock the device. 2. Wait the duration of the “Grace Lock” period. 3. Attempt to unlock the device. 4. Verify the unlock screen cannot be bypassed without entering a passcode. If the unlock screen can be bypassed without entering a passcode, this is a finding. |
| Fix Text (F-59095r1_fix) |
|---|
| Install a Configuration Profile to require a password to unlock the device. |