The operating system must protect the confidentiality and integrity of information at rest.

From Apple OS X 10.8 (Mountain Lion) Workstation STIG

Part of SRG-OS-000185

Associated with: CCI-001199

SV-65581r1_rule The operating system must protect the confidentiality and integrity of information at rest.

Vulnerability discussion

This control is intended to address the confidentiality and integrity of information at rest in non-mobile devices and covers user information and system information. Information at rest refers to the state of information when it is located on a secondary storage device (e.g., disk drive, tape drive). The operating system must ensure the data being written to these devices is protected. In most cases, this is done via encryption.

Check content

To check if FileVault 2 is enabled, run the following command: sudo fdesetup status If FileVault is "OFF", this is a finding.

Fix text

Open System Preferences->Security and Privacy, and navigate to the FileVault tab. Use this panel to configure full-disk encryption.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer