AIOS-10-080103 - Apple iOS must implement the management setting: not allow user to remove profiles that enforce DoD security requirements.


Configuration profiles define security policies on Apple iOS devices. If a user is able to remove a configuration profile, the user can then change the configuration that had been enforced by that policy. Relaxing security policies may introduce vulnerabilities that the profiles had mitigated. Configuring a profile to never be removed mitigates this risk.


Configure the Apple iOS configuration profile such that it can never be removed.

See Also

Item Details


References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-86503r1_rule, STIG-ID|AIOS-10-080103, Vuln-ID|V-71879

Plugin: MDM

Control ID: 56e53176fa77a053eaa3d988223c8836d186d0a80c225c8716401b01e00c10e6