800-53|AC-20(2)

Title

PORTABLE STORAGE DEVICES

Description

The organization [Selection: restricts; prohibits] the use of organization-controlled portable storage devices by authorized individuals on external information systems.

Supplemental

Limits on the use of organization-controlled portable storage devices in external information systems include, for example, complete prohibition of the use of such devices or restrictions on how the devices may be used and under what conditions the devices may be used.

Reference Item Details

Category: ACCESS CONTROL

Parent Title: USE OF EXTERNAL INFORMATION SYSTEMS

Family: ACCESS CONTROL

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
2.1.1.1 Audit iCloud KeychainUnixCIS Apple macOS 13.0 Ventura v1.0.0 L2
2.1.1.2 Audit iCloud DriveUnixCIS Apple macOS 13.0 Ventura v1.0.0 L2
2.1.1.3 Ensure iCloud Drive Document and Desktop Sync Is DisabledUnixCIS Apple macOS 13.0 Ventura v1.0.0 L2
2.6.1.1 Audit iCloud ConfigurationUnixCIS Apple macOS 10.14 v2.0.0 L2
2.6.1.1 Audit iCloud KeychainUnixCIS Apple macOS 12.0 Monterey v2.0.0 L2
2.6.1.1 Audit iCloud KeychainUnixCIS Apple macOS 11.0 Big Sur v3.0.0 L2
2.6.1.1 Audit iCloud KeychainUnixCIS Apple macOS 10.15 Catalina v3.0.0 L2
2.6.1.1 Audit iCloud KeychainUnixCIS Apple macOS 10.15 v2.1.0 L2
2.6.1.2 Audit iCloud DriveUnixCIS Apple macOS 10.15 Catalina v3.0.0 L2
2.6.1.2 Audit iCloud DriveUnixCIS Apple macOS 11.0 Big Sur v3.0.0 L2
2.6.1.2 Audit iCloud DriveUnixCIS Apple macOS 10.15 v2.1.0 L2
2.6.1.2 Audit iCloud DriveUnixCIS Apple macOS 12.0 Monterey v2.0.0 L2
2.6.1.2 Audit iCloud KeychainUnixCIS Apple macOS 10.14 v2.0.0 L2
2.6.1.3 Audit iCloud DriveUnixCIS Apple macOS 10.14 v2.0.0 L2
2.6.1.3 Ensure iCloud Drive Document and Desktop Sync Is DisabledUnixCIS Apple macOS 11.0 Big Sur v3.0.0 L2
2.6.1.3 Ensure iCloud Drive Document and Desktop Sync Is DisabledUnixCIS Apple macOS 10.15 Catalina v3.0.0 L2
2.6.1.3 Ensure iCloud Drive Document and Desktop Sync Is DisabledUnixCIS Apple macOS 12.0 Monterey v2.0.0 L2
2.6.1.3 Ensure iCloud Drive Document and Desktop Sync Is Disabled - DesktopUnixCIS Apple macOS 10.15 v2.1.0 L2
2.6.1.3 Ensure iCloud Drive Document and Desktop Sync Is Disabled - DocumentUnixCIS Apple macOS 10.15 v2.1.0 L2
2.6.1.4 Ensure iCloud Drive Document and Desktop Sync is Disabled - DesktopUnixCIS Apple macOS 10.14 v2.0.0 L2
2.6.1.4 Ensure iCloud Drive Document and Desktop Sync is Disabled - DocumentUnixCIS Apple macOS 10.14 v2.0.0 L2
AIOS-11-080201 - Apple iOS must not allow backup to locally connected systems.MDMAirWatch - DISA Apple iOS 10 v1r3
AIOS-11-080201 - Apple iOS must not allow backup to locally connected systems.MDMMobileIron - DISA Apple iOS 10 v1r3
AIOS-12-012300 - A managed photo app must be used to take and store work related photos.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-012300 - A managed photo app must be used to take and store work related photos.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-12-012500 - Apple iOS must implement the management setting: enable USB Restricted Mode.MDMAirWatch - DISA Apple iOS 12 v2r1
AIOS-12-012500 - Apple iOS must implement the management setting: enable USB Restricted Mode.MDMMobileIron - DISA Apple iOS 12 v2r1
AIOS-13-012300 - A managed photo app must be used to take and store work-related photos.MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-012300 - A managed photo app must be used to take and store work-related photos.MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-012500 - Apple iOS/iPadOS must implement the management setting: enable USB Restricted Mode.MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-012500 - Apple iOS/iPadOS must implement the management setting: enable USB Restricted Mode.MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013000 - Apple iOS/iPadOS must implement the management setting: disable AirDrop.MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013000 - Apple iOS/iPadOS must implement the management setting: disable AirDrop.MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013100 - Apple iOS/iPadOS must implement the management setting: disable paired Apple Watch.MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013100 - Apple iOS/iPadOS must implement the management setting: disable paired Apple Watch.MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013200 - Apple iOS/iPadOS must disable password autofill in browsers and applications.MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013200 - Apple iOS/iPadOS must disable password autofill in browsers and applications.MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013300 - Apple iOS/iPadOS must disable allow setting up new nearby devices.MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013300 - Apple iOS/iPadOS must disable allow setting up new nearby devices.MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013400 - Apple iOS/iPadOS must disable password proximity requests.MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013400 - Apple iOS/iPadOS must disable password proximity requests.MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013500 - Apple iOS/iPadOS must disable password sharing.MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013500 - Apple iOS/iPadOS must disable password sharing.MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013600 - Apple iOS/iPadOS must disable Find My Friends in the Find My app.MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013600 - Apple iOS/iPadOS must disable Find My Friends in the Find My app.MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013700 - The Apple iOS/iPadOS must be Supervised by the MDM.MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013700 - The Apple iOS/iPadOS must be Supervised by the MDM.MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013800 - Apple iOS/iPadOS must disable Allow USB drive access in Files access if the AO has not approved the use of DoD approved USB storage drives with iOS/iPadOS devices.MDMMobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013800 - Apple iOS/iPadOS must disable Allow USB drive access in Files access if the AO has not approved the use of DoD approved USB storage drives with iOS/iPadOS devices.MDMAirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-14-003600 - The mobile operating system must be configured to not allow backup of [all applications, configuration data] to locally connected systems.MDMMobileIron - DISA Apple iOS/iPadOS 14 v1r3