Detections
Analytics
AIOS-17-010400 - Apple iOS/iPadOS 17 must require a valid password be successfully entered before the mobile device data is unencrypted.
Information
Passwords provide a form of access control that prevents unauthorized individuals from accessing computing resources and sensitive data. Passwords may also be a source of entropy for generation of key encryption or data encryption keys. If a password is not required to access data, this data is accessible to any adversary who obtains physical possession of the device. Requiring that a password be successfully entered before the mobile device data is unencrypted mitigates this risk.Note: MDF PP requires a Password Authentication Factor and requires management of its length and complexity. It leaves open whether the existence of a password is subject to management. This requirement addresses the configuration to require a password, which is critical to the cybersecurity posture of the device.
SFR ID: FIA_UAU_EXT.1.1
Solution
Install a configuration profile to require a password to unlock the device.See Also
https://public.cyber.mil/wp-content/uploads/U_Apple_iOS-iPadOS_17_V2R2_STIG.zip
Item Details
Audit Name: MobileIron - DISA Apple iOS/iPadOS 17 v2r2
Category: SYSTEM AND COMMUNICATIONS PROTECTION
References: 800-53|SC-28, CAT|I, CCI|CCI-001199, Rule-ID|SV-258338r959010_rule, STIG-ID|AIOS-17-010400, Vuln-ID|V-258338
Plugin: MDM
Control ID: 995502a3acccec90fea7b66d38e48e24618701c51880bfb3a4095cdb9ea5f717