← Back to Apple iOS/iPadOS 17 BYOAD Security Technical Implementation Guide

V-259743

CAT II (Medium)

The EMM system supporting the iOS/iPadOS 17 BYOAD must be configured to initiate autonomous monitoring, compliance, and validation prior to granting the BYOAD access to DOD information and IT resources.

Rule ID

SV-259743r959010_rule

STIG

Apple iOS/iPadOS 17 BYOAD Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-000366

Discussion

DOD policy requires BYOAD devices with DOD data be managed by a DOD MDM server, MAM server, or VMI system. This ensures the device can be monitored for compliance with the approved security baseline and managed data and apps can be removed when the device is out of compliance, which protects DOD data from unauthorized exposure. Reference: DOD policy "Use of Non-Government Mobile Devices". 3.a.(3)iii. SFR ID: FMT_SMF_EXT.1.1 #47

Check Content

Verify the EMM system supporting the iOS/iPadOS 17 BYOAD has been configured to initiate autonomous monitoring, compliance, and validation prior to granting the BYOAD access to DOD information and IT resources. The exact procedure will depend on the EMM system used at the site.

If the EMM system supporting the iOS/iPadOS 17 BYOAD has not been configured to initiate autonomous monitoring, compliance, and validation prior to granting the BYOAD access to DOD information and IT resources, this is a finding.

Fix Text

Configure the EMM system supporting the iOS/iPadOS 17 BYOAD to initiate autonomous monitoring, compliance, and validation prior to granting the BYOAD access to DOD information and IT resources. The exact procedure will depend on the EMM system used at the site.