Rule ID
SV-278829r1150734_rule
Version
V1R2
CCIs
Hidden apps cannot be seen by enterprise management applications (e.g., MDM server), and therefore, unauthorized apps or apps with embedded malware could be installed and hidden from the MDM or mobile threat detection (MTD) apps. Hidden apps may lead to the compromise of sensitive DOD data or provide a vector to attacks on the DOD network. SFR ID: FMT_MOF_EXT.1.2 #47
This check procedure is performed on the device management tool and the iPhone and iPad. Note: If an organization has multiple configuration profiles, the check procedure must be performed on the relevant configuration profiles applicable to the scope of the review. In the iOS management tool, verify "Allow Apps to be hidden" is unchecked. On the iPhone and iPad device: 1. Open the Settings app. 2. Tap "Apps". 3. At the bottom of the list of Apps, tap "Hidden Apps". 4. Verify there are no hidden apps listed. If "Allow Apps to be hidden" is not disabled in the management tool or there are hidden apps installed on enterprise iPhones and iPads, this is a finding.
Install a configuration profile to disable hiding apps on iPhones and iPads. Configuration Profile Key: allowAppsToBeHidden