UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The mobile device used for BYOAD must be NIAP validated.


Overview

Finding ID Version Rule ID IA Controls Severity
V-257136 AIOS-16-800280 SV-257136r904500_rule High
Description
Note: For a virtual mobile infrastructure (VMI) solution, both the client and server must be NIAP compliant. Nonapproved mobile devices may not include sufficient controls to protect work data, applications, and networks from malware or adversary attack. Components must only approve devices listed on the NIAP product compliant list or products listed in evaluation at the following links respectively: - https://www.niap-ccevs.org/Product/ - https://www.niap-ccevs.org/Product/PINE.cfm Reference: DOD policy "Use of Non-Government Mobile Devices" (3.a.(2)). SFR ID: FMT_SMF_EXT.1.1 #47
STIG Date
Apple iOS/iPad OS 16 MDFPP 3.3 BYOAD Security Technical Implementation Guide 2023-08-14

Details

Check Text ( C-60821r904454_chk )
Verify the mobile device used for BYOAD is NIAP validated (included on the NIAP list of compliant products or products in evaluation).

If the mobile device used for BYOAD is not NIAP validated (included on the NIAP list of compliant products or products in evaluation), this is a finding.
Fix Text (F-60762r904455_fix)
Use only mobile devices for BYOAD that are NIAP validated (included on the NIAP list of compliant products or products in evaluation).