Detections
Analytics

MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1

Updated: 1/13/2026

Authority: DISA STIG

Plugin: MDM

Revision: 1.1

Estimated Item Count: 31

File Details

Filename: DISA_STIG_Apple_iOS_16_BYOAD_v1r1-MobileIron.audit

Size: 51 kB

MD5: 5751a4baa8578c087b944dc7c0de00e1
SHA256: 1a6458bc7165b32bfe16970534c3ed0ef9ff5583b96c50c1e5979e2585d10c68

Audit Items

DescriptionCategories
AIOS-16-701000 - Apple iOS/iPadOS 16 must allow the administrator (MDM) to perform the following management function: enable/disable VPN protection across the device - MDM to perform the following management function: enable/disable VPN protection across the device and [selection: other methods].
AIOS-16-703600 - Apple iOS/iPadOS 16 must not allow backup to remote systems (managed applications data stored in iCloud) - managed applications data stored in iCloud.
AIOS-16-703700 - Apple iOS/iPadOS 16 must not allow backup to remote systems (enterprise books) - enterprise books.
AIOS-16-706500 - Apple iOS/iPadOS 16 must be configured to enforce a minimum password length of six characters.
AIOS-16-706600 - Apple iOS/iPadOS 16 must be configured to not allow passwords that include more than four repeating or sequential characters.
AIOS-16-706700 - Apple iOS/iPadOS 16 must be configured to enable a screen-lock policy that will lock the display after a period of inactivity.
AIOS-16-706800 - Apple iOS/iPadOS 16 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity.
AIOS-16-706900 - Apple iOS/iPadOS 16 must be configured to not allow more than 10 consecutive failed authentication attempts.
AIOS-16-707000 - Apple iOS/iPadOS 16 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store].
AIOS-16-707400 - The Apple iOS/iPadOS 16 allow list must be configured to not include applications with the following characteristics:
AIOS-16-707500 - Apple iOS/iPadOS 16 must be configured to not display notifications when the device is locked.
AIOS-16-707600 - Apple iOS/iPadOS 16 must not display notifications (calendar information) when the device is locked - calendar information when the device is locked.
AIOS-16-708400 - The Apple iOS/iPadOS 16 device User Agreement must include the DOD advisory warning message.
AIOS-16-709200 - Apple iOS/iPadOS 16 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.
AIOS-16-709700 - Apple iOS/iPadOS 16 must not allow non-DOD applications to access DOD data.
AIOS-16-709900 - Apple iOS/iPadOS 16 must be configured to wipe enterprise data and apps upon unenrollment from MDM.
AIOS-16-710400 - Apple iOS/iPadOS 16 must require a valid password be successfully entered before the mobile device data is unencrypted.
AIOS-16-710700 - Apple iOS/iPadOS 16 must implement the management setting: Encrypt iTunes backups/Encrypt local backup.
AIOS-16-710900 - Apple iOS/iPadOS 16 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time.
AIOS-16-711200 - iPhone and iPad must have the latest available iOS/iPadOS operating system installed.
AIOS-16-711300 - Apple iOS/iPadOS 16 must implement the management setting: use SSL for Exchange ActiveSync.
AIOS-16-711400 - Apple iOS/iPadOS 16 must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS 16 Mail app.
AIOS-16-711500 - Apple iOS/iPadOS 16 must implement the management setting: Treat AirDrop as an unmanaged destination.
AIOS-16-711800 - Apple iOS/iPadOS 16 must implement the management setting: force Apple Watch wrist detection.
AIOS-16-711900 - Apple iOS/iPadOS 16 users must complete required training.
AIOS-16-712000 - A managed photo app must be used to take and store work-related photos.
AIOS-16-712300 - Apple iOS/iPadOS 16 must not allow managed apps to write contacts to unmanaged contacts accounts.
AIOS-16-712400 - Apple iOS/iPadOS 16 must not allow unmanaged apps to read contacts from managed contacts accounts.
AIOS-16-713400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled.
AIOS-16-714600 - Apple iOS/iPadOS 16 must disable copy/paste of data from managed to unmanaged applications.
AIOS-16-714900 - Apple iOS/iPadOS 16 must not allow DOD applications to access non-DOD data.