Detections
Analytics

800-53|AC-20(2)

Title

PORTABLE STORAGE DEVICES

Description

The organization [Selection: restricts; prohibits] the use of organization-controlled portable storage devices by authorized individuals on external information systems.

Supplemental

Limits on the use of organization-controlled portable storage devices in external information systems include, for example, complete prohibition of the use of such devices or restrictions on how the devices may be used and under what conditions the devices may be used.

Reference Item Details

Category: ACCESS CONTROL

Parent Title: USE OF EXTERNAL INFORMATION SYSTEMS

Family: ACCESS CONTROL

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
2.1.1.1 Audit iCloud KeychainUnixCIS Apple macOS 13.0 Ventura v3.1.0 L2
2.1.1.1 Audit iCloud KeychainUnixCIS Apple macOS 15.0 Sequoia v1.1.0 L2
2.1.1.1 Audit iCloud KeychainUnixCIS Apple macOS 14.0 Sonoma v2.1.0 L2
2.1.1.2 Audit iCloud DriveUnixCIS Apple macOS 13.0 Ventura v3.1.0 L2
2.1.1.2 Audit iCloud DriveUnixCIS Apple macOS 14.0 Sonoma v2.1.0 L2
2.1.1.2 Audit iCloud DriveUnixCIS Apple macOS 15.0 Sequoia v1.1.0 L2
2.1.1.3 Ensure iCloud Drive Document and Desktop Sync Is DisabledUnixCIS Apple macOS 14.0 Sonoma v2.1.0 L2
2.1.1.3 Ensure iCloud Drive Document and Desktop Sync Is DisabledUnixCIS Apple macOS 13.0 Ventura v3.1.0 L2
2.1.1.3 Ensure iCloud Drive Document and Desktop Sync Is DisabledUnixCIS Apple macOS 15.0 Sequoia v1.1.0 L2
2.1.1.5 Audit Freeform Sync to iCloudUnixCIS Apple macOS 15.0 Sequoia v1.1.0 L2
2.1.1.5 Audit Freeform Sync to iCloudUnixCIS Apple macOS 13.0 Ventura v3.1.0 L2
2.1.1.5 Audit Freeform Sync to iCloudUnixCIS Apple macOS 14.0 Sonoma v2.1.0 L2
2.1.1.6 Audit Find My MacUnixCIS Apple macOS 14.0 Sonoma v2.1.0 L2
2.1.1.6 Audit Find My MacUnixCIS Apple macOS 13.0 Ventura v3.1.0 L2
2.1.1.6 Audit Find My MacUnixCIS Apple macOS 15.0 Sequoia v1.1.0 L2
2.4.1 Ensure 'Settings for DevTools Generative AI Features' Is Set to 'Enabled:Allow DevTools Generative AI Features without improving AI models'WindowsCIS Google Chrome Group Policy v1.0.0 L1
2.4.2 Ensure 'Settings for Help Me Write' Is Set to 'Enabled:Allow help me write without improving AI models'WindowsCIS Google Chrome Group Policy v1.0.0 L1
2.4.3 Ensure 'Settings for AI-powered History Search' Is Set to 'Enabled:Allow AI history search without improving AI models'WindowsCIS Google Chrome Group Policy v1.0.0 L1
2.4.4 Ensure 'Tab compare settings' Is Set to 'Enabled:Allow Tab Compare without improving AI models'WindowsCIS Google Chrome Group Policy v1.0.0 L1
2.5.1.1 Ensure External Intelligence Extensions Is DisabledUnixCIS Apple macOS 15.0 Sequoia v1.1.0 L1
2.5.1.2 Ensure Writing Tools Is DisabledUnixCIS Apple macOS 15.0 Sequoia v1.1.0 L1
2.5.1.3 Ensure Mail Summarization Is DisabledUnixCIS Apple macOS 15.0 Sequoia v1.1.0 L1
2.5.1.4 Ensure Notes Summarization Is DisabledUnixCIS Apple macOS 15.0 Sequoia v1.1.0 L1
2.6.1.1 Audit iCloud ConfigurationUnixCIS Apple macOS 10.14 v2.0.0 L2
2.6.1.1 Audit iCloud KeychainUnixCIS Apple macOS 10.15 Catalina v3.0.0 L2
2.6.1.1 Audit iCloud KeychainUnixCIS Apple macOS 11.0 Big Sur v4.0.0 L2
2.6.1.1 Audit iCloud KeychainUnixCIS Apple macOS 12.0 Monterey v4.0.0 L2
2.6.1.2 Audit iCloud DriveUnixCIS Apple macOS 10.15 Catalina v3.0.0 L2
2.6.1.2 Audit iCloud DriveUnixCIS Apple macOS 11.0 Big Sur v4.0.0 L2
2.6.1.2 Audit iCloud DriveUnixCIS Apple macOS 12.0 Monterey v4.0.0 L2
2.6.1.2 Audit iCloud KeychainUnixCIS Apple macOS 10.14 v2.0.0 L2
2.6.1.3 Audit iCloud DriveUnixCIS Apple macOS 10.14 v2.0.0 L2
2.6.1.3 Ensure iCloud Drive Document and Desktop Sync Is DisabledUnixCIS Apple macOS 10.15 Catalina v3.0.0 L2
2.6.1.3 Ensure iCloud Drive Document and Desktop Sync Is DisabledUnixCIS Apple macOS 11.0 Big Sur v4.0.0 L2
2.6.1.3 Ensure iCloud Drive Document and Desktop Sync Is DisabledUnixCIS Apple macOS 12.0 Monterey v4.0.0 L2
2.6.1.4 Audit Find My MacUnixCIS Apple macOS 12.0 Monterey v4.0.0 L2
2.6.1.4 Ensure iCloud Drive Document and Desktop Sync is Disabled - DesktopUnixCIS Apple macOS 10.14 v2.0.0 L2
2.6.1.4 Ensure iCloud Drive Document and Desktop Sync is Disabled - DocumentUnixCIS Apple macOS 10.14 v2.0.0 L2
2.15 Audit Internet Accounts for Authorized UseUnixCIS Apple macOS 11.0 Big Sur v4.0.0 L1
2.16 Audit Internet Accounts for Authorized UseUnixCIS Apple macOS 12.0 Monterey v4.0.0 L1
2.17.1 Audit Internet Accounts for Authorized UseUnixCIS Apple macOS 15.0 Sequoia v1.1.0 L1
2.17.1 Audit Internet Accounts for Authorized UseUnixCIS Apple macOS 13.0 Ventura v3.1.0 L1
2.17.1 Audit Internet Accounts for Authorized UseUnixCIS Apple macOS 14.0 Sonoma v2.1.0 L1
3.2.1.6 Review 'Allow iCloud Keychain' settingsMDMMobileIron - CIS Apple iPadOS 17 Institutionally Owned L1
3.2.1.6 Review 'Allow iCloud Keychain' settingsMDMMobileIron - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned
3.2.1.6 Review 'Allow iCloud Keychain' settingsMDMMobileIron - CIS Apple iOS 17 Institution Owned L1
3.2.1.6 Review 'Allow iCloud Keychain' settingsMDMAirWatch - CIS Apple iOS 17 Institution Owned L1
3.2.1.6 Review 'Allow iCloud Keychain' settingsMDMAirWatch - CIS Apple iPadOS 17 Institutionally Owned L1
3.2.1.6 Review 'Allow iCloud Keychain' settingsMDMAirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned
3.2.1.6 Review 'Allow iCloud Keychain' settingsMDMMobileIron - CIS Apple iOS 18 v1.0.0 L1 Institution Owned