Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Apple iOS/iPad OS 16 MDFPP 3.3 BYOAD Security Technical Implementation Guide
PP-BYO-000150
PP-BYO-000150
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
PP-BYO-000150
1 Rule
<GroupDescription></GroupDescription>
The iOS/iPadOS 16 BYOAD must be deployed in Device Enrollment mode or User Enrollment mode.
Medium Severity
<VulnDiscussion>DOD policy requires BYOAD devices with DOD data be managed by a DOD MDM server, MAM server, or VMI system. This ensures the device can be monitored for compliance with the approved security baseline and the work profile can be removed when the device is out of compliance, which protects DOD data from unauthorized exposure. Note: Technical limitations prohibit using Apple iOS/iPadOS User Enrollment in most DOD environments. Reference: DOD policy "Use of Non-Government Mobile Devices". SFR ID: FMT_SMF_EXT.1.1 #47</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>