UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Users must not have Apple IDs signed into iCloud.


Overview

Finding ID Version Rule ID IA Controls Severity
V-67721 AOSX-11-001130 SV-82211r1_rule Medium
Description
Users should not sign into iCloud, as this leads to the possibility that sensitive data could be saved to iCloud storage or that users could inadvertently introduce viruses or malware previously saved to iCloud from other systems.
STIG Date
Apple OS X 10.11 Security Technical Implementation Guide 2017-04-06

Details

Check Text ( C-68287r1_chk )
To see if any user account has configured an Apple ID for iCloud usage, run the following command:

/usr/bin/sudo find /Users/ -name 'MobileMeAccounts.plist' -exec /usr/bin/defaults read '{}' \;

If the results show any accounts listed, this is a finding.
Fix Text (F-73835r1_fix)
This must be manually resolved.

With the affected user logged in, open System Preferences >> iCloud.

Choose "Sign Out".