Skip to content

The EMM system supporting the iOS/iPadOS 17 BYOAD must be configured to only wipe managed data and apps and not unmanaged data and apps when the user's access is revoked or terminated, the user no longer has the need to access DOD data or IT, or the user reports a registered device as lost, stolen, or showing indicators of compromise.

An XCCDF Rule

Description

<VulnDiscussion>DOD policy requires the protection and privacy of personal data and activities to the maximum extent possible on BYOADs. Reference: DOD policy "Use of Non-Government Mobile Devices". 3.b.(5). SFR ID: FMT_SMF_EXT.1.1 #47</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-259753r943584_rule
Severity
Low
References
Updated



Remediation - Manual Procedure

Train EMM system administrators supporting the iOS/iPadOS 17 BYOAD to only wipe managed data and apps when the user's access is revoked or terminated, the user no longer has the need to access DOD data or IT, or the user reports a registered device as lost, stolen, or showing indicators of compromise.