| AIOS-02-080014 - Apple iOS must not allow non-DoD applications to access DoD data. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-14-009500 - Apple iOS/iPadOS must implement the management setting: Disable Allow Shared Albums. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-14-009500 - Apple iOS/iPadOS must implement the management setting: Disable Allow Shared Albums. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-003200 - Apple iOS/iPadOS 15 must not allow backup to remote systems (iCloud document and data synchronization). | AirWatch - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-15-006600 - Apple iOS/iPadOS 15 must be configured to not allow passwords that include more than two repeating or sequential characters. | AirWatch - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-006800 - Apple iOS/iPadOS 15 must be configured to lock the display after 15 minutes (or less) of inactivity. | MobileIron - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | ACCESS CONTROL |
| AIOS-15-007000 - Apple iOS/iPadOS 15 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DoD-approved commercial app repository, MDM server, mobile application store]. | AirWatch - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-007200 - Apple iOS/iPadOS 15 must not include applications with the following characteristics: access to Siri when the device is locked. | MobileIron - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-007300 - Apple iOS/iPadOS 15 allow list must be configured to not include applications with the following characteristics: voice dialing application if available when MD is locked. | AirWatch - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-007300 - Apple iOS/iPadOS 15 allow list must be configured to not include applications with the following characteristics: voice dialing application if available when MD is locked. | MobileIron - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-009200 - Apple iOS/iPadOS 15 must be configured to not allow backup of [all applications, configuration data] to locally connected systems. | MobileIron - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-15-010700 - Apple iOS/iPadOS 15 must implement the management setting: Encrypt iTunes backups/Encrypt local backup. | MobileIron - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011100 - Apple iOS/iPadOS 15 must implement the management setting: Disable Allow Shared Albums. | AirWatch - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011100 - Apple iOS/iPadOS 15 must implement the management setting: Disable Allow Shared Albums. | MobileIron - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011400 - Apple iOS/iPadOS 15 must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS 15 Mail app. | AirWatch - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012000 - A managed photo app must be used to take and store work-related photos. | MobileIron - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012600 - Apple iOS/iPadOS 15 must implement the management setting: disable paired Apple Watch. | AirWatch - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013500 - Apple iOS must implement the management setting: not allow a user to remove Apple iOS configuration profiles that enforce DoD security requirements. | MobileIron - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-014600 - Apple iOS/iPadOS 15 must disable copy/paste of data from managed to unmanaged applications. | MobileIron - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-006600 - Apple iOS/iPadOS 16 must be configured to not allow passwords that include more than four repeating or sequential characters. | MobileIron - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-007300 - Apple iOS/iPadOS 16 allow list must be configured to not include applications with the following characteristics: allow voice dialing when MD is locked. | MobileIron - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-009200 - Apple iOS/iPadOS 16 must be configured to not allow backup of [all applications, configuration data] to locally connected systems. | MobileIron - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-010200 - Apple iOS/iPadOS 16 must be configured to disable ad hoc wireless client-to-client connection capability. | AirWatch - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-011100 - Apple iOS/iPadOS 16 must implement the management setting: Disable Allow Shared Albums. | AirWatch - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-011100 - Apple iOS/iPadOS 16 must implement the management setting: Disable Allow Shared Albums. | MobileIron - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-011300 - Apple iOS/iPadOS 16 must implement the management setting: use SSL for Exchange ActiveSync. | AirWatch - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-16-706800 - Apple iOS/iPadOS 16 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity. | AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r2 | MDM | ACCESS CONTROL |
| AIOS-16-706800 - Apple iOS/iPadOS 16 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity. | MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r2 | MDM | ACCESS CONTROL |
| AIOS-16-711300 - Apple iOS/iPadOS 16 must implement the management setting: use SSL for Exchange ActiveSync. | AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-16-711300 - Apple iOS/iPadOS 16 must implement the management setting: use SSL for Exchange ActiveSync. | MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-17-003000 - Apple iOS/iPadOS 17 must not allow backup to remote systems (iCloud) - iCloud. | MobileIron - DISA Apple iOS/iPadOS 17 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-006900 - Apple iOS/iPadOS 17 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Apple iOS/iPadOS 17 v2r2 | MDM | ACCESS CONTROL |
| AIOS-17-009200 - Apple iOS/iPadOS 17 must be configured to not allow backup of [all applications, configuration data] to locally connected systems. | MobileIron - DISA Apple iOS/iPadOS 17 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-014700 - Apple iOS/iPadOS 17 must have DOD root and intermediate PKI certificates installed. | MobileIron - DISA Apple iOS/iPadOS 17 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-706800 - Apple iOS/iPadOS 17 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r2 | MDM | ACCESS CONTROL |
| AIOS-17-706800 - Apple iOS/iPadOS 17 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r2 | MDM | ACCESS CONTROL |
| AIOS-17-715000 - All Apple iOS/iPadOS 17 BYOAD installations must be removed. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| APPL-11-000001 - The macOS system must be configured to prevent Apple Watch from terminating a session lock. | DISA STIG Apple macOS 11 v1r5 | Unix | ACCESS CONTROL |
| APPL-11-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - minutesUntilFailedLoginReset | DISA STIG Apple macOS 11 v1r5 | Unix | ACCESS CONTROL |
| APPL-11-000052 - The macOS system must be configured with the SSH daemon ClientAliveCountMax option set to 0. | DISA STIG Apple macOS 11 v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-001012 - The macOS system must be configured with audit log files owned by root. | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001016 - The macOS system must be configured with audit log files set to mode 440 or less permissive. | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-002001 - The macOS system must be configured to disable SMB File Sharing unless it is required. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002003 - The macOS system must be configured to disable the Network File System (NFS) daemon unless it is required. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002004 - The macOS system must be configured to disable Location Services. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002007 - The macOS system must be configured to disable Internet Sharing. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002021 - The macOS system must be configured to disable sending diagnostic and usage data to Apple. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002023 - The macOS system must be configured to disable the application Calendar. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002037 - The macOS system must be configured to disable the Cloud Storage Setup services. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002060 - The macOS system must allow only applications that have a valid digital signature to run - AllowIdentifiedDevelopers | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
