UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The macOS system must be configured so that users do not have Apple IDs signed into iCloud.


Overview

Finding ID Version Rule ID IA Controls Severity
V-81691 AOSX-13-001130 SV-96405r1_rule Medium
Description
Users should not sign into iCloud, as this leads to the possibility that sensitive data could be saved to iCloud storage or that users could inadvertently introduce viruses or malware previously saved to iCloud from other systems.
STIG Date
Apple OS X 10.13 Security Technical Implementation Guide 2019-07-01

Details

Check Text ( C-81471r1_chk )
To see if any user account has configured an Apple ID for iCloud usage, run the following command:

/usr/bin/sudo find /Users/ -name 'MobileMeAccounts.plist' -exec /usr/bin/defaults read '{}' \;

If the results show any accounts listed, this is a finding.
Fix Text (F-88539r1_fix)
This must be resolved manually.

With the affected user logged on, open System Preferences >> iCloud.

Choose "Sign Out".