Big Sur - Disable Sending Diagnostic and Usage Data to Apple

Information

The ability to submit diagnostic data to Apple _MUST_ be disabled.

The information system _MUST_ be configured to provide only essential capabilities. Disabling the submission of diagnostic and usage information will mitigate the risk of unwanted data being sent to Apple.

Solution

This is implemented by a Configuration Profile.

mobileconfig profile info:

com.apple.SubmitDiagInfo:
AutoSubmit:
False
com.apple.applicationaccess:
allowDiagnosticSubmission:
False

See Also

https://github.com/usnistgov/macos_security

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|AC-20, 800-53|CM-7b., 800-53|SC-7(10), 800-53|SI-11, CCE|CCE-85423-2, CCI|CCI-000382, STIG-ID|APPL-11-002021

Plugin: Unix

Control ID: 1313a0ef410b61a6df4aa50bbf572ca2771a9d845ea005a9aaec7b518769e3c1