Detections
Analytics

AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned

Updated: 11/25/2025

Authority: CIS

Plugin: MDM

Revision: 1.1

Estimated Item Count: 53

File Details

Filename: CIS_Apple_iOS_18_v1.0.0_L1_Institutionally_Owned-AirWatch.audit

Size: 76 kB

MD5: 2d9bc0dbd70d84b31cbc086e789e76c0
SHA256: 223b7efd4f8d8c04322f2370577e4e2739db5e0788bd96c47f54c66e79995351

Audit Items

DescriptionCategories
2.2.1.5 Ensure 'Allow personalized ads delivered by Apple' is set to 'Disabled'
2.2.1.12 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled'
2.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured'
3.1.1 Ensure 'Controls when the profile can be removed' is set to 'Never'
3.2.1.2 Ensure 'Allow voice dialing while device is locked' is set to 'Disabled'
3.2.1.3 Ensure 'Allow Siri while device is locked' is set to 'Disabled'
3.2.1.4 Ensure 'Allow iCloud backup' is set to 'Disabled'
3.2.1.5 Ensure 'Allow iCloud documents & data' is set to 'Disabled'
3.2.1.6 Review 'Allow iCloud Keychain' settings
3.2.1.7 Ensure 'Allow managed apps to store data in iCloud' is set to 'Disabled'
3.2.1.10 Ensure 'Force encrypted backups' is set to 'Enabled'
3.2.1.11 Ensure 'Allow personalized ads delivered by Apple' is set to 'Disabled'
3.2.1.12 Ensure 'Allow Erase All Content and Settings' is set to 'Disabled'
3.2.1.14 Ensure 'Allow trusting new enterprise app authors' is set to 'Disabled'
3.2.1.15 Ensure 'Allow installing configuration profiles' is set to 'Disabled'
3.2.1.16 Ensure 'Allow adding VPN configurations' is set to 'Disabled'
3.2.1.17 Ensure 'Force automatic date and time' is set to 'Enabled'
3.2.1.19 Ensure 'Allow USB accessories while the device is locked' is set to 'Disabled'
3.2.1.21 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled'
3.2.1.22 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled'
3.2.1.23 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled'
3.2.1.24 Ensure 'Allow Handoff' is set to 'Disabled'
3.2.1.25 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled'
3.2.1.26 Ensure 'Require Touch ID / Face ID authentication before AutoFill' is set to 'Enabled'
3.2.1.27 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled'
3.2.1.28 Ensure 'Allow setting up new nearby devices' is set to 'Disabled'
3.2.1.29 Ensure 'Allow proximity based password sharing requests' is set to 'Disabled'
3.2.1.30 Ensure 'Allow password sharing (supervised only)' is set to 'Disabled'
3.2.1.31 Ensure 'Show Control Center in Lock screen' is set to 'Disabled'
3.2.1.32 Ensure 'Show Notification Center in Lock screen' is set to 'Disabled'
3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled'
3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only'
3.3.1 Ensure 'Managed Safari Web Domains' is 'Configured'
3.4.1 Ensure 'Allow simple value' is set to 'Disabled'
3.4.3 Ensure 'Minimum passcode length' is set to a value of '6' or greater
3.4.4 Ensure 'Maximum Auto-Lock' is set to '2 minutes' or less
3.4.5 Ensure 'Maximum grace period for device lock' is set to 'Immediately'
3.4.6 Ensure 'Maximum number of failed attempts' is set to '6'
3.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured'
3.6.1 Ensure 'VPN' is 'Configured'
3.7.1 Ensure 'Allow user to move messages from this account' is set to 'Disabled'
3.8.1 Ensure 'Notification Settings' are configured for all 'Managed Apps'
3.9.1 Ensure 'If Lost, Return to...' Message is 'Configured'
4.1.1 Review Manage Sharing & Access
4.1.2 Review Emergency Reset
4.1.4 Ensure 'App Privacy Report' is enabled
4.2 Ensure device is not obviously jailbroken or compromised
4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled'
4.4 Ensure 'Software Update' returns 'Your software is up to date.'
4.5 Review 'iCloud Private Relay' settings