Apple iOS must be configured to wipe all sensitive DoD data (Controlled Unclassified Information (CUI)/For Official Use Only (FOUO)) and Personally Identifiable Information (PII) data during a remote wipe command from the MDM server.

From Apple iOS 10 Security Technical Implementation Guide

Part of PP-MDF-991000

Associated with: CCI-000366

SV-86955r1_rule Apple iOS must be configured to wipe all sensitive DoD data (Controlled Unclassified Information (CUI)/For Official Use Only (FOUO)) and Personally Identifiable Information (PII) data during a remote wipe command from the MDM server.

Vulnerability discussion

DoD sensitive data (CUI/FOUO) or PII data downloaded from DoD web sites via Safari will be saved by default in a non-managed app on a DoD iOS device. If the device is wiped via an MDM Enterprise remote wipe command, data saved in non-managed apps will not be deleted and may be accessible to unauthorized people that have access to the MDM-wiped device. If the device is wiped via a Full Device MDM remote wipe command, all data on the device, including managed and unmanaged, will be deleted, but a Full Device wipe may not be appropriate for devices that have been authorized for personal use and have personal data stored on them or are BYOD devices. The risk in not using a Full Device wipe can be mitigated if a Managed Domain Configuration profile is installed on all managed iOS devices that contains a list of all DoD web domains that may have sensitive DoD data (CUI/FOUO) and PII data (primarily DoD web domains that require DoD PKI authentication credentials to access the web site).

SFR ID: FMT_SMF_EXT.1.1 #9, 19, 28, 45g

Check content

Review configuration settings to confirm Apple iOS is configured to wipe all sensitive DoD data and PII data during a remote wipe command from the MDM server. There are two possible implementations (policy or technical) for meeting this requirement. Interview the site MDM system administrator to determine which approach is being used at the site and follow the appropriate procedure for verifying compliance.

Method #1: Policy

Verify the MDM system administrators are trained to always use a Full Device wipe when using a remote wipe command on managed iOS devices. Check system administrator training material and training records to verify compliance. Verify the site MDM administration policy includes an instruction that only a Full Device wipe command will be used when using a remote wipe command on managed iOS devices.

If MDM system administrators are not trained to always use a Full Device wipe when using a remote wipe command on managed iOS devices, or the site MDM administration policy does not include an instruction that only Full Device wipe commands will be used when using a remote wipe command on managed iOS devices, this is a finding.

Method #2: Technical

This verification procedure is performed on both the Apple iOS management tool and the Apple iOS device.

On the MDM management tool (MDM), do the following:
1. Verify a Managed Domain Configuration profile is set up on the iOS management tool.
2. Open the profile and verify it contains the current list of DoD web domains that may have sensitive DoD data (CUI/FOUO) and PII data by verifying the list was obtained from the DoD Network Information Center (NIC).

On several site managed iOS devices, do the following:
1. Have the user unlock the iOS device.
2. Go to Settings >> General >> Device Management.
3. Verify a Managed Domain Configuration profile is installed on the device.

If the Apple iOS management tool does not have a Managed Domain Configuration profile installed, or the profile does not contain a DoD NIC provided list of DoD web domains, or any site managed iOS device reviewed does not have a Managed Domain Configuration profile installed, this is a finding.

Fix text

One of the following two procedures will be implemented to configure Apple iOS to wipe all sensitive DoD data and PII data during a remote wipe command from the MDM server:

1. Policy method: Implement an MDM site policy that only full device remote wipe commands will be used on managed mobile devices. Enterprise wipe commands will not be used. This policy will be documented in the site MDM management policy and in system administrator training, and all MDM system administrators will be trained on this requirement.

2. Technical method: The MDM site will install a Managed Domain Configuration profile on all managed iOS devices. See the profile provided in the iOS 10 package. The profile will contain a list of all DoD web domains that may have sensitive DoD data (CUI/FOUO) and PII data (primarily DoD web domains that require DoD PKI authentication credentials to access the web site).

Note: *.mil can be used instead of listing all DoD web domains.
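The following Python is an added example and is not the profile shipped in the DISA iOS 10 package, nor part of this STIG. It constructs a sample Managed Domain Configuration profile (a .mobileconfig plist whose payload uses Apple's com.apple.domains type and WebDomains key, with the *.mil shortcut from the Note above), then automates step 2 of the technical check: parse the profile, extract the managed web domains, and report any required DoD host that no pattern covers, or a profile with no com.apple.domains payload at all. The PayloadIdentifier and PayloadUUID values and the host names are illustrative, and the wildcard matching rule ("*.mil" covers any host ending in ".mil") is an assumption that approximates Apple's managed-domain matching; it should be confirmed against Apple's Configuration Profile Reference before being relied on.

```python
import plistlib
from typing import Iterable

# Constructed sample Managed Domains profile (illustrative; not the DISA-provided
# profile). PayloadType "com.apple.domains" and the "WebDomains" key are Apple's
# real payload keys; identifiers, UUIDs and the domain list are assumptions.
SAMPLE_PROFILE = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>PayloadType</key><string>Configuration</string>
  <key>PayloadVersion</key><integer>1</integer>
  <key>PayloadIdentifier</key><string>example.managed-domains</string>
  <key>PayloadUUID</key><string>4C5B2A1E-0F3D-4B7A-9C2E-111111111111</string>
  <key>PayloadDisplayName</key><string>Managed Domains (example)</string>
  <key>PayloadContent</key>
  <array>
    <dict>
      <key>PayloadType</key><string>com.apple.domains</string>
      <key>PayloadVersion</key><integer>1</integer>
      <key>PayloadIdentifier</key><string>example.managed-domains.domains</string>
      <key>PayloadUUID</key><string>4C5B2A1E-0F3D-4B7A-9C2E-222222222222</string>
      <key>WebDomains</key>
      <array>
        <string>*.mil</string>
      </array>
    </dict>
  </array>
</dict>
</plist>
"""

# Constructed counterexample: a profile with no com.apple.domains payload,
# which the Check content treats as a finding.
NO_DOMAINS_PROFILE = plistlib.dumps({
    "PayloadType": "Configuration",
    "PayloadVersion": 1,
    "PayloadIdentifier": "example.empty",
    "PayloadUUID": "4C5B2A1E-0F3D-4B7A-9C2E-333333333333",
    "PayloadContent": [],
})


def managed_web_domains(profile_bytes: bytes) -> list:
    """Return the WebDomains entries from every com.apple.domains payload."""
    plist = plistlib.loads(profile_bytes)
    domains = []
    for payload in plist.get("PayloadContent", []):
        if payload.get("PayloadType") == "com.apple.domains":
            domains.extend(payload.get("WebDomains", []))
    return domains


def pattern_matches(pattern: str, host: str) -> bool:
    """Match a host against a managed-domain pattern.

    Assumption (approximates Apple's rule): a leading "*." matches any host
    whose name ends with the remaining labels, so "*.mil" covers both
    "www.example.mil" and "example.mil" but not "mil" or "mil.example.com".
    A pattern without a wildcard must equal the host. Comparison is
    case-insensitive and ignores a trailing dot.
    """
    pattern = pattern.lower().rstrip(".")
    host = host.lower().rstrip(".")
    if pattern.startswith("*."):
        suffix = pattern[1:]  # "*.mil" -> ".mil"
        return host.endswith(suffix) and len(host) > len(suffix)
    return host == pattern


def uncovered_hosts(profile_bytes: bytes, required_hosts: Iterable[str]) -> list:
    """List required DoD hosts that no WebDomains pattern in the profile covers."""
    patterns = managed_web_domains(profile_bytes)
    return [h for h in required_hosts
            if not any(pattern_matches(p, h) for p in patterns)]


def check_profile(profile_bytes: bytes, required_hosts: Iterable[str]) -> tuple:
    """Apply the technical check to one profile.

    Returns (compliant, reasons). It is a finding if the profile carries no
    com.apple.domains payload with WebDomains, or if any required host (the
    site's DoD NIC list in practice) is not covered by a pattern.
    """
    reasons = []
    patterns = managed_web_domains(profile_bytes)
    if not patterns:
        reasons.append("no com.apple.domains payload with WebDomains found")
    missing = uncovered_hosts(profile_bytes, list(required_hosts))
    if missing:
        reasons.append("required hosts not covered: " + ", ".join(missing))
    return (not reasons, reasons)


if __name__ == "__main__":
    # Illustrative required list; a real check would load the DoD NIC list.
    required = ["www.example.mil", "pki.example.mil"]
    for name, profile in (("sample", SAMPLE_PROFILE), ("empty", NO_DOMAINS_PROFILE)):
        ok, reasons = check_profile(profile, required)
        print(name, "compliant" if ok else "FINDING", reasons)
```

Running the script against the sample profile reports it compliant for the two example hosts, and reports a finding for the profile without a domains payload. To use it against a real export, replace SAMPLE_PROFILE with the bytes of the MDM's Managed Domain profile and the required list with the DoD NIC list; this automates only the MDM-side step 2, and the on-device check (Settings >> General >> Device Management) still has to be performed by hand.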
