The iOS/iPadOS 16 BYOAD device must be configured to disable copy and paste from managed (work profile) apps/contacts to unmanaged (personal profile) apps/contacts and vice versa.

An XCCDF Rule

Description

Protection of DOD data is a key construct of the BYOAD security baseline, including disabling the capability to copy/paste data between the managed/work profile and the unmanaged/personal profile. Reference: NIST Special Publication 1800-22, "Mobile Device Security: Bring Your Own Device (BYOD)". SFR ID: FMT_SMF_EXT.1.1 #47

ID: SV-257098r904039_rule
Version: AIOS-16-800160
Severity: Medium
References: CCI-002218
Updated: 15 days ago

Remediation Templates

Configure the Apple iOS configuration profile to disable copy/paste of data from managed to unmanaged applications.

The procedure for implementing this control will vary depending on the MDM/EMM used by the mobile service provider.

In the MDM console, set "Require managed pasteboard" to "True".

Note: This requirement is the same as AIOS-16-714600 in the Apple iOS/iPadOS 16 BYOAD STIG.

The iOS/iPadOS 16 BYOAD device must be configured to disable copy and paste from managed (work profile) apps/contacts to unmanaged (personal profile) apps/contacts and vice versa.

Description

Remediation Templates

A Manual Procedure