AIOS-12-004100 - Apple iOS must not allow backup to remote systems (iCloud).

Information

Backups to remote systems (including cloud backup) can leave data vulnerable to breach on the external systems, which often offer less protection than the MOS. Where the remote backup involves a cloud-based solution, the backup capability is often used to synchronize data across multiple devices. In this case, DoD devices may synchronize DoD-sensitive information to a user's personal device or other unauthorized computers that are vulnerable to breach. Disallowing remote backup mitigates this risk.

Note: If the AO has approved the use/storage of DoD data in one or more personal (unmanaged) apps, allowing unrestricted activity by the user in downloading and installing personal (unmanaged) apps on the iOS 11 device may not be warranted due to the risk of possible loss of or unauthorized access to DoD data.

SFR ID: FMT_MOF_EXT.1.2 #40

Solution

Install a configuration profile to disable iCloud Backup.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apple_iOS_12_V2R1_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., 800-53|CM-11b., CAT|II, CCI|CCI-000366, CCI|CCI-001806, Rule-ID|SV-237248r852619_rule, STIG-ID|AIOS-12-004100, STIG-Legacy|SV-96493, STIG-Legacy|V-81779, Vuln-ID|V-237248

Plugin: MDM

Control ID: 2cac87106f0e382edd9548fb72d61b22bd0343f5176fefa6c93d6951f6a2eee2