| 2.3.3.9 Ensure Media Sharing Is Disabled | CIS Apple macOS 15.0 Sequoia v2.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.1.1 Ensure 'Controls when the profile can be removed' is set to 'Never' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | |
| 3.2.1.1 Ensure 'Allow screenshots and screen recording' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L2 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.2 Ensure 'Allow voice dialing while device is locked' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.3 Ensure 'Allow Siri while device is locked' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.4 Ensure 'Allow iCloud backup' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.6 Ensure 'Allow iCloud Keychain' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.7 Ensure 'Allow managed apps to store data in iCloud' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.9 Ensure 'Allow Erase All Content and Settings' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.10 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1.11 Ensure 'Allow installing configuration profiles' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.12 Ensure 'Allow adding VPN configurations' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.13 Ensure 'Allow modifying cellular data app settings' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L2 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.14 Ensure 'Allow pairing with non-Configurator hosts' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L2 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.17 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.1.19 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | |
| 3.2.1.20 Ensure 'Allow setting up new nearby devices' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.21 Ensure 'Show Control Center in Lock screen' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.22 Ensure 'Show Notification Center in Lock screen' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.4.1 Ensure 'Allow simple value' is set to 'Disabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.4.2 Ensure 'Minimum passcode length' is set to '6' or greater | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.4.3 Ensure 'Maximum Auto-Lock' is set to '2 minutes' or less | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.4.4 Ensure 'Maximum grace period for device lock' is set to 'Immediately' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.4.5 Ensure 'Maximum number of failed attempts' is set to '6' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.5.1 Ensure 'VPN' is 'Configured' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | |
| 4.1.1 Review Manage Sharing & Access | MobileIron - CIS Apple iOS 17 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1.1 Review Manage Sharing & Access | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.2 Ensure 'Software Update' returns 'Your software is up to date.' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | SYSTEM AND INFORMATION INTEGRITY |
| 4.3 Ensure 'Automatic Downloads' of 'App Updates' is set to 'Enabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | |
| 4.5 Review 'iCloud Private Relay' settings | AirWatch - CIS Apple iOS 26 Benchmark v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| AIOS-13-000300 - Apple iOS/iPadOS must be configured to lock the display after 15 minutes (or less) of inactivity. | AirWatch - DISA Apple iOS/iPadOS 13 v2r1 | MDM | ACCESS CONTROL |
| AIOS-16-012300 - Apple iOS/iPadOS 16 must not allow managed apps to write contacts to unmanaged contacts accounts. | AirWatch - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-16-712000 - A managed photo app must be used to take and store work-related photos. | AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r2 | MDM | ACCESS CONTROL |
| AIOS-17-006900 - Apple iOS/iPadOS 17 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 17 v2r2 | MDM | ACCESS CONTROL |
| AIOS-17-010200 - Apple iOS/iPadOS 17 must be configured to disable ad hoc wireless client-to-client connection capability. | AirWatch - DISA Apple iOS/iPadOS 17 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-010850 - Apple iOS/iPadOS 17 must implement the management setting: not allow use of iPhone widgets on Mac. | AirWatch - DISA Apple iOS/iPadOS 17 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-013100 - Apple iOS/iPadOS 17 must disable 'Find My Friends' in the 'Find My' app - Find My app. | AirWatch - DISA Apple iOS/iPadOS 17 v2r2 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-17-707500 - Apple iOS/iPadOS 17 must be configured to not display notifications when the device is locked. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r2 | MDM | ACCESS CONTROL |
| AIOS-18-003450 - Apple iOS/iPadOS 18 must not allow backup to remote systems (Cloud Photo Library) - Cloud Photo Library. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-006900 - Apple iOS/iPadOS 18 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | ACCESS CONTROL |
| AIOS-26-003450 - Apple iOS/iPadOS 26 must not allow backup to remote systems (Cloud Photo Library) - Cloud Photo Library. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-26-006900 - Apple iOS/iPadOS 26 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | ACCESS CONTROL |
| AIOS-26-007400 - Apple iOS/iPadOS 26 allow list must be configured to not include applications with the following characteristics | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-26-013100 - Apple iOS/iPadOS 26 must disable 'Find My Friends' in the 'Find My' app - Find My app. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| APPL-14-005110 - The macOS system must enforce enrollment in mobile device management. | DISA Apple macOS 14 Sonoma STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| Big Sur - Enforce Enrollment in Mobile Device Management | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT |
| Big Sur - Enforce Enrollment in Mobile Device Management | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | CONFIGURATION MANAGEMENT |
| Big Sur - Enforce Enrollment in Mobile Device Management | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | CONFIGURATION MANAGEMENT |
| Big Sur - Enforce Enrollment in Mobile Device Management | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Enforce Enrollment in Mobile Device Management | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | CONFIGURATION MANAGEMENT |
