Theme

800-53|AC-20(2)

Title

PORTABLE STORAGE DEVICES

Description

The organization [Selection: restricts; prohibits] the use of organization-controlled portable storage devices by authorized individuals on external information systems.

Supplemental

Limits on the use of organization-controlled portable storage devices in external information systems include, for example, complete prohibition of the use of such devices or restrictions on how the devices may be used and under what conditions the devices may be used.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: ACCESS CONTROL

Parent Title: USE OF EXTERNAL INFORMATION SYSTEMS

Family: ACCESS CONTROL

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
2.1.1.1 Audit iCloud Keychain	Unix	CIS Apple macOS 13.0 Ventura v1.0.0 L2
2.1.1.2 Audit iCloud Drive	Unix	CIS Apple macOS 13.0 Ventura v1.0.0 L2
2.1.1.3 Ensure iCloud Drive Document and Desktop Sync Is Disabled	Unix	CIS Apple macOS 13.0 Ventura v1.0.0 L2
2.6.1.1 Audit iCloud Configuration	Unix	CIS Apple macOS 10.14 v2.0.0 L2
2.6.1.1 Audit iCloud Keychain	Unix	CIS Apple macOS 12.0 Monterey v2.0.0 L2
2.6.1.1 Audit iCloud Keychain	Unix	CIS Apple macOS 11.0 Big Sur v3.0.0 L2
2.6.1.1 Audit iCloud Keychain	Unix	CIS Apple macOS 10.15 Catalina v3.0.0 L2
2.6.1.1 Audit iCloud Keychain	Unix	CIS Apple macOS 10.15 v2.1.0 L2
2.6.1.2 Audit iCloud Drive	Unix	CIS Apple macOS 10.15 Catalina v3.0.0 L2
2.6.1.2 Audit iCloud Drive	Unix	CIS Apple macOS 11.0 Big Sur v3.0.0 L2
2.6.1.2 Audit iCloud Drive	Unix	CIS Apple macOS 10.15 v2.1.0 L2
2.6.1.2 Audit iCloud Drive	Unix	CIS Apple macOS 12.0 Monterey v2.0.0 L2
2.6.1.2 Audit iCloud Keychain	Unix	CIS Apple macOS 10.14 v2.0.0 L2
2.6.1.3 Audit iCloud Drive	Unix	CIS Apple macOS 10.14 v2.0.0 L2
2.6.1.3 Ensure iCloud Drive Document and Desktop Sync Is Disabled	Unix	CIS Apple macOS 11.0 Big Sur v3.0.0 L2
2.6.1.3 Ensure iCloud Drive Document and Desktop Sync Is Disabled	Unix	CIS Apple macOS 10.15 Catalina v3.0.0 L2
2.6.1.3 Ensure iCloud Drive Document and Desktop Sync Is Disabled	Unix	CIS Apple macOS 12.0 Monterey v2.0.0 L2
2.6.1.3 Ensure iCloud Drive Document and Desktop Sync Is Disabled - Desktop	Unix	CIS Apple macOS 10.15 v2.1.0 L2
2.6.1.3 Ensure iCloud Drive Document and Desktop Sync Is Disabled - Document	Unix	CIS Apple macOS 10.15 v2.1.0 L2
2.6.1.4 Ensure iCloud Drive Document and Desktop Sync is Disabled - Desktop	Unix	CIS Apple macOS 10.14 v2.0.0 L2
2.6.1.4 Ensure iCloud Drive Document and Desktop Sync is Disabled - Document	Unix	CIS Apple macOS 10.14 v2.0.0 L2
AIOS-11-080201 - Apple iOS must not allow backup to locally connected systems.	MDM	AirWatch - DISA Apple iOS 10 v1r3
AIOS-11-080201 - Apple iOS must not allow backup to locally connected systems.	MDM	MobileIron - DISA Apple iOS 10 v1r3
AIOS-12-012300 - A managed photo app must be used to take and store work related photos.	MDM	AirWatch - DISA Apple iOS 12 v2r1
AIOS-12-012300 - A managed photo app must be used to take and store work related photos.	MDM	MobileIron - DISA Apple iOS 12 v2r1
AIOS-12-012500 - Apple iOS must implement the management setting: enable USB Restricted Mode.	MDM	AirWatch - DISA Apple iOS 12 v2r1
AIOS-12-012500 - Apple iOS must implement the management setting: enable USB Restricted Mode.	MDM	MobileIron - DISA Apple iOS 12 v2r1
AIOS-13-012300 - A managed photo app must be used to take and store work-related photos.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-012300 - A managed photo app must be used to take and store work-related photos.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-012500 - Apple iOS/iPadOS must implement the management setting: enable USB Restricted Mode.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-012500 - Apple iOS/iPadOS must implement the management setting: enable USB Restricted Mode.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013000 - Apple iOS/iPadOS must implement the management setting: disable AirDrop.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013000 - Apple iOS/iPadOS must implement the management setting: disable AirDrop.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013100 - Apple iOS/iPadOS must implement the management setting: disable paired Apple Watch.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013100 - Apple iOS/iPadOS must implement the management setting: disable paired Apple Watch.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013200 - Apple iOS/iPadOS must disable password autofill in browsers and applications.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013200 - Apple iOS/iPadOS must disable password autofill in browsers and applications.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013300 - Apple iOS/iPadOS must disable allow setting up new nearby devices.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013300 - Apple iOS/iPadOS must disable allow setting up new nearby devices.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013400 - Apple iOS/iPadOS must disable password proximity requests.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013400 - Apple iOS/iPadOS must disable password proximity requests.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013500 - Apple iOS/iPadOS must disable password sharing.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013500 - Apple iOS/iPadOS must disable password sharing.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013600 - Apple iOS/iPadOS must disable Find My Friends in the Find My app.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013600 - Apple iOS/iPadOS must disable Find My Friends in the Find My app.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013700 - The Apple iOS/iPadOS must be Supervised by the MDM.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013700 - The Apple iOS/iPadOS must be Supervised by the MDM.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013800 - Apple iOS/iPadOS must disable Allow USB drive access in Files access if the AO has not approved the use of DoD approved USB storage drives with iOS/iPadOS devices.	MDM	MobileIron - DISA Apple iOS/iPadOS 13 v2r1
AIOS-13-013800 - Apple iOS/iPadOS must disable Allow USB drive access in Files access if the AO has not approved the use of DoD approved USB storage drives with iOS/iPadOS devices.	MDM	AirWatch - DISA Apple iOS/iPadOS 13 v2r1
AIOS-14-003600 - The mobile operating system must be configured to not allow backup of [all applications, configuration data] to locally connected systems.	MDM	MobileIron - DISA Apple iOS/iPadOS 14 v1r3