3.2.1.25 Ensure 'Allow proximity based password sharing requests' is set to 'Disabled'

Information

This recommendation pertains to preventing proximity based password sharing from institutionally owned devices.

Rationale:
In an organizational context, access to systems and applications should be provisioned by role, and credentials only transferred through supported credential management systems. Additionally, credential sharing requests may be exploited through a social engineering scheme.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

1. Open Apple Configurator.
2. Open the Configuration Profile.
3. In the left windowpane, click on the Restrictions tab.verify
4. In the right windowpane, under the tab Functionality, uncheck the checkbox for Allow proximity based password sharing requests.
5. Deploy the Configuration Profile.

See Also

https://workbench.cisecurity.org/files/2141