Apple iOS must wipe protected or sensitive data upon unenrollment from MDM.

From Apple iOS 10 Security Technical Implementation Guide

Part of PP-MDF-201024

Associated with: CCI-000366 CCI-001028

SV-86507r1_rule Apple iOS must wipe protected or sensitive data upon unenrollment from MDM.

Vulnerability discussion

When a mobile device is no longer going to be managed by MDM technologies, its protected/sensitive data must be sanitized, because that data will no longer be protected by the MDM software and is therefore at much greater risk of unauthorized access and disclosure.

SFR ID: FMT_SMF_EXT.2.1

Check content

Note: The procedure below is exactly the same as for requirement AIOS-10-080102; it needs to be performed only once.

Note: Not all Apple iOS deployments involve MDM. If the site uses an authorized alternative to MDM for distribution of configuration profiles, this check procedure is not applicable.

This check procedure is performed on the Apple iOS management tool.

In the Apple iOS management tool, for each managed app, verify that the app is configured to be removed when the MDM profile is removed.

If one or more managed apps are not set to be removed upon device MDM unenrollment, this is a finding.
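The per-app setting the check refers to is carried in the MDM protocol by the ManagementFlags key of the InstallApplication command: bit value 1 means "remove app when MDM profile is removed" and bit value 4 means "prevent backup of app data". The script below is an added example, not part of the STIG or of any MDM product; it builds a constructed queue of three InstallApplication command plists (the app identifiers, store ID, URL and command UUIDs are made up) and reports, for each managed app, whether the remove-on-unenrollment flag is set, which is the condition the check asks the reviewer to verify by hand in the management tool.

```python
import plistlib

# ManagementFlags bit values defined by Apple's MDM protocol for InstallApplication.
REMOVE_ON_UNENROLL = 1   # remove the app when the MDM profile is removed
PREVENT_BACKUP = 4       # prevent backup of the app's data


def _command_plist(app_key, app_value, flags=None):
    """Build a constructed InstallApplication command plist (sample data, not real server output)."""
    cmd = {"RequestType": "InstallApplication", app_key: app_value}
    if flags is not None:
        cmd["ManagementFlags"] = flags
    return plistlib.dumps({"CommandUUID": f"constructed-{app_value}", "Command": cmd})


# Constructed sample queue: one compliant command, one with only the backup flag,
# one with ManagementFlags omitted entirely.
SAMPLE_QUEUE = [
    _command_plist("iTunesStoreID", 123456789, REMOVE_ON_UNENROLL | PREVENT_BACKUP),  # compliant
    _command_plist("Identifier", "com.example.notes", PREVENT_BACKUP),               # finding
    _command_plist("ManifestURL", "https://mdm.example.internal/apps/tool.plist"),   # finding: flag absent
]


def app_label(cmd):
    """Name the app by whichever identifying key the InstallApplication command carries."""
    for key in ("Identifier", "iTunesStoreID", "ManifestURL"):
        if key in cmd:
            return f"{key}={cmd[key]}"
    return "<unidentified app>"


def audit_queue(blobs):
    """Return one (app, flags, compliant) tuple per InstallApplication command in the queue."""
    results = []
    for blob in blobs:
        top = plistlib.loads(blob)
        cmd = top.get("Command", top)  # accept a bare command dict as well as the wrapped form
        if cmd.get("RequestType") != "InstallApplication":
            continue
        flags = int(cmd.get("ManagementFlags", 0))  # an absent key means no flags are set
        results.append((app_label(cmd), flags, bool(flags & REMOVE_ON_UNENROLL)))
    return results


def findings(blobs):
    """Apps that would survive MDM unenrollment; a non-empty list is a finding for this rule."""
    return [app for app, _flags, ok in audit_queue(blobs) if not ok]


if __name__ == "__main__":
    for app, flags, ok in audit_queue(SAMPLE_QUEUE):
        print(f"{'OK     ' if ok else 'FINDING'} ManagementFlags={flags} {app}")
    print("overall:", "finding" if findings(SAMPLE_QUEUE) else "not a finding")
```

Feed audit_queue the InstallApplication commands exported from or logged by your MDM server (the wrapped CommandUUID/Command form or bare command dictionaries both work); any entry reported as FINDING, including one whose ManagementFlags key is simply missing, corresponds to a managed app that is not set to be removed on unenrollment.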

Fix text

Install a configuration profile to delete all managed apps upon device unenrollment.
