UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The OS X system must be configured so that users do not have Apple IDs signed into iCloud.


Overview

Finding ID Version Rule ID IA Controls Severity
V-76129 AOSX-12-001130 SV-90817r1_rule Medium
Description
Users should not sign into iCloud, as this leads to the possibility that sensitive data could be saved to iCloud storage or that users could inadvertently introduce viruses or malware previously saved to iCloud from other systems.
STIG Date
Apple OS X 10.12 Security Technical Implementation Guide 2018-01-04

Details

Check Text ( C-75815r1_chk )
To see if any user account has configured an Apple ID for iCloud usage, run the following command:

/usr/bin/sudo find /Users/ -name 'MobileMeAccounts.plist' -exec /usr/bin/defaults read '{}' \;

If the results show any accounts listed, this is a finding.
Fix Text (F-82767r1_fix)
This must be resolved manually.

With the affected user logged on, open System Preferences >> iCloud.

Choose "Sign Out".