Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-54293 | AIOS-05-080101 | SV-68539r1_rule | Medium |
Description |
---|
Apple's Family Sharing service allows iOS users to create a Family Group whose members have several shared capabilities, including the ability to lock, wipe, play a sound on, or locate the iOS devices of other members. Each member of the group must be invited to the group and accept that invitation. A DoD user's iOS device may be inadvertently or maliciously wiped by another member of their Family Group. This poses a risk that the user could be without a mobile device for a period of time or lose sensitive information that has not been backed up to other storage media. Configuring iOS devices so that their associated Apple IDs are not members of Family Groups mitigates this risk. SFR ID: FMT_SMF.1.1 #42 |
STIG | Date |
---|---|
Apple iOS 8 Interim Security Configuration Guide | 2014-09-16 |
Check Text ( C-54929r3_chk ) |
---|
Review configuration settings to confirm Family Sharing is disabled. This check procedure is performed on the iOS device. On the iOS device: 1. Open the Settings app. 2. Tap "iCloud". 3. If "Set Up Family Sharing..." is listed, the device is compliant. 4. If "Setup Family Sharing..." is not listed, tap "Family". 5. Verify no email addresses or names are listed under "FAMILY MEMBERS". Note: The iOS device must be connected to the Internet to conduct this validation procedure. Otherwise, the device will display the notice "Family information is not available", in which case it cannot be determined if the configuration is compliant. If names or email addresses are listed under "FAMILY MEMBERS" on the iOS device, this is a finding. |
Fix Text (F-59147r1_fix) |
---|
The user must either remove all members from the Family Group on the iOS device or associate the device with an Apple ID that is not a member of a Family Group. |