2.2.1.8 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled'

Information

This recommendation pertains to AirDrop in the context of Apple's managed app implementation.

The terms 'managed' and 'unmanaged' refer to app classifications made through Managed Open In, a feature of iOS 7 and later. Managed Open In provides for data containerization. Institutionally provisioned apps are designated managed. Apps elected by the end user are designated unmanaged.

Rationale:

When AirDrop is allowed as a managed destination, sensitive data may be moved out of the managed app space to an unmanaged device.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

1. Open Apple Configurator.
2. Open the Configuration Profile.
3. In the left windowpane, click on the 'Restrictions' tab.
4. In the right windowpane, under the tab 'Functionality', 'check' the checkbox for 'Treat AirDrop as unmanaged destination'.
5. Deploy the Configuration Profile.

Impact:

None.

See Also

https://workbench.cisecurity.org/files/1806