4.4 Ensure 'Find My iPhone/iPad' is set to 'Enabled' on end-user owned devices

Information

This recommendation pertains to remote device locating, locking, and erasure by the end-user.

Rationale:

The ability to locate, lock, and erase a device remotely helps to mitigate the impact of device theft and loss, and the likelihood of permanent loss.

This is only recommended for end-user owned devices. Institutionally owned devices should not be erasable by end-users.

Impact:

Evidence may be destroyed if an end-user performs an erase.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

From the device:

Tap Settings.

Tap <_The User's Name_> where Apple ID, iCloud, iTunes & App Store is displayed beneath.

Tap iCloud.

Tap Find My iPhone.

Enable Find My iPhone and Send Last Location.

See Also

https://workbench.cisecurity.org/files/3064