From Apple iOS 10 Security Technical Implementation Guide
Part of PP-MDF-201021
Associated with: CCI-000381
Many software systems automatically send diagnostic data to the manufacturer or a third party. This data enables the developers to understand real-world field behavior and improve the product based on that information. Unfortunately, it can also reveal information about what DoD users are doing with the systems and what causes them to fail. An adversary embedded within the software development team or elsewhere could use the information acquired to breach mobile operating system security. Disabling automatic transfer of such information mitigates this risk.
Review configuration settings to confirm "Allow sending diagnostic and usage data to Apple" is disabled.
This check procedure is performed on both the iOS management tool and the iOS device.
Note: If an organization has multiple configuration profiles, the check procedure must be performed on the relevant configuration profiles applicable to the scope of the review.
In the iOS management tool, verify "Allow sending diagnostic and usage data to Apple" is unchecked.
Alternatively, verify the text "
Install a configuration profile to disable sending diagnostic data to an organization other than DoD.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer