AIOS-12-004200 - Apple iOS must not allow backup to remote systems (iCloud document and data synchronization).

Information

Backups to remote systems (including cloud backup and cloud document syncing) can leave data vulnerable to breach on the external systems, which often offer less protection than the MOS. Where the remote backup involves a cloud-based solution, the backup capability is often used to synchronize data across multiple devices. In this case, DoD devices may synchronize DoD-sensitive information to a user's personal device or other unauthorized computers that are vulnerable to breach. Disallowing remote backup mitigates this risk.

Note: If the AO has approved the use/storage of DoD data in one or more personal (unmanaged) apps, allowing unrestricted activity by the user in downloading and installing personal (unmanaged) apps on the iOS 11 device may not be warranted due to the risk of possible loss of or unauthorized access to DoD data.

SFR ID: FMT_MOF_EXT.1.2 #40

Solution

Install a configuration profile to disable iCloud documents and data.

See Also

https://iasecontent.disa.mil/stigs/zip/U_Apple_iOS_12_V1R2_STIG.zip

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-19, 800-53|CM-7, CAT|II, CCI|CCI-000366, CCI|CCI-001806, CSCv6|9.1, Rule-ID|SV-96495r1_rule, STIG-ID|AIOS-12-004200, Vuln-ID|V-81781

Plugin: MDM

Control ID: 90ba62b5cd55ceb09336f1e686a468980e53fdea26dd45da5ec2694a637930e1