| Checked | Name | Title |
|---|
| ☐ | SV-228729r619923_rule | The mobile operating system must be configured to enforce a minimum password length of six characters. |
| ☐ | SV-228730r619923_rule | The mobile operating system must be configured to not allow passwords that include more than two repeating or sequential characters. |
| ☐ | SV-228731r619923_rule | The mobile operating system must be configured to enable a screen-lock policy that will lock the display after a period of inactivity. |
| ☐ | SV-228732r619923_rule | The mobile operating system must be configured to not allow more than ten consecutive failed authentication attempts. |
| ☐ | SV-228733r619923_rule | The mobile operating system must provide the capability for the Administrator (MDM) to perform the following management function: enable/disable VPN protection across the device and [selection: other methods]. |
| ☐ | SV-228734r619923_rule | The mobile operating system must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DoD-approved commercial app repository, MDM server, mobile application store]. |
| ☐ | SV-228735r619923_rule | Apple iOS/iPadOS must not include applications with the following characteristics: access to Siri when the device is locked. |
| ☐ | SV-228736r619923_rule | The mobile operating system whitelist must be configured to not include applications with the following characteristics: voice dialing application if available when MD is locked. |
| ☐ | SV-228737r619923_rule | The mobile operating system must be configured to not display notifications when the device is locked. |
| ☐ | SV-228738r619923_rule | Apple iOS/iPadOS must not display notifications (calendar information) when the device is locked. |
| ☐ | SV-228739r619923_rule | The mobile operating system must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device. |
| ☐ | SV-228740r619923_rule | The mobile operating system must be configured to not allow backup of [all applications, configuration data] to locally connected systems. |
| ☐ | SV-228741r619923_rule | Apple iOS/iPadOS must not allow backup to remote systems (iCloud). |
| ☐ | SV-228742r619923_rule | Apple iOS/iPadOS must not allow backup to remote systems (iCloud document and data synchronization). |
| ☐ | SV-228743r619923_rule | Apple iOS/iPadOS must not allow backup to remote systems (iCloud Keychain). |
| ☐ | SV-228744r619923_rule | Apple iOS/iPadOS must not allow backup to remote systems (My Photo Stream). |
| ☐ | SV-228745r619923_rule | Apple iOS/iPadOS must not allow backup to remote systems (iCloud Photo Sharing, also known as Shared Photo Streams). |
| ☐ | SV-228746r619923_rule | Apple iOS/iPadOS must not allow backup to remote systems (managed applications data stored in iCloud). |
| ☐ | SV-228747r619923_rule | Apple iOS/iPadOS must not allow backup to remote systems (enterprise books). |
| ☐ | SV-228748r619923_rule | Apple iOS/iPadOS must not allow non-DoD applications to access DoD data. |
| ☐ | SV-228750r619923_rule | Apple iOS/iPadOS must require a valid password be successfully entered before the mobile device data is unencrypted. |
| ☐ | SV-228751r619923_rule | Apple iOS/iPadOS must implement the management setting: limit Ad Tracking. |
| ☐ | SV-228752r619923_rule | Apple iOS/iPadOS must implement the management setting: not allow automatic completion of Safari browser passcodes. |
| ☐ | SV-228753r619923_rule | Apple iOS/iPadOS must implement the management setting: Encrypt iTunes backups/Encrypt local backup. |
| ☐ | SV-228754r619923_rule | Apple iOS/iPadOS must implement the management setting: not allow use of Handoff. |
| ☐ | SV-228755r645689_rule | Apple iOS/iPadOS must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time. |
| ☐ | SV-228756r619923_rule | Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop. |
| ☐ | SV-228757r619923_rule | Apple iOS/iPadOS must implement the management setting: Disable Allow Shared Albums. |
| ☐ | SV-228758r619923_rule | iPhone and iPad must have the latest available iOS/iPadOS operating system installed. |
| ☐ | SV-228759r619923_rule | Apple iOS/iPadOS must implement the management setting: use SSL for Exchange ActiveSync. |
| ☐ | SV-228760r619923_rule | Apple iOS/iPadOS must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS Mail app. |
| ☐ | SV-228761r619923_rule | Apple iOS/iPadOS must implement the management setting: Treat AirDrop as an unmanaged destination. |
| ☐ | SV-228762r619923_rule | Apple iOS/iPadOS must implement the management setting: not have any Family Members in Family Sharing. |
| ☐ | SV-228763r619923_rule | Apple iOS/iPadOS must implement the management setting: not share location data through iCloud. |
| ☐ | SV-228764r619923_rule | Apple iOS/iPadOS must implement the management setting: force Apple Watch wrist detection. |
| ☐ | SV-228765r619923_rule | Apple iOS/iPadOS users must complete required training. |
| ☐ | SV-228766r645691_rule | A managed photo app must be used to take and store work-related photos. |
| ☐ | SV-228767r619923_rule | Apple iOS/iPadOS must implement the management setting: enable USB Restricted Mode. |
| ☐ | SV-228768r619923_rule | Apple iOS/iPadOS must not allow managed apps to write contacts to unmanaged contacts accounts. |
| ☐ | SV-228769r619923_rule | Apple iOS/iPadOS must not allow unmanaged apps to read contacts from managed contacts accounts. |
| ☐ | SV-228770r619923_rule | Apple iOS/iPadOS must implement the management setting: disable AirDrop. |
| ☐ | SV-228771r619923_rule | Apple iOS/iPadOS must implement the management setting: disable paired Apple Watch. |
| ☐ | SV-228772r619923_rule | Apple iOS/iPadOS must disable Password AutoFill in browsers and applications. |
| ☐ | SV-228773r619923_rule | Apple iOS/iPadOS must disable allow setting up new nearby devices. |
| ☐ | SV-228774r619923_rule | Apple iOS/iPadOS must disable password proximity requests. |
| ☐ | SV-228775r645693_rule | Apple iOS/iPadOS must disable password sharing. |
| ☐ | SV-228776r619923_rule | Apple iOS/iPadOS must disable Find My Friends in the Find My app. |
| ☐ | SV-228777r619923_rule | The Apple iOS/iPadOS must be supervised by the MDM. |
| ☐ | SV-228778r619923_rule | Apple iOS/iPadOS must disable "Allow USB drive access in Files app" if the AO has not approved the use of DoD-approved USB storage drives with iOS/iPadOS devices. |
| ☐ | SV-228779r619923_rule | Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. |
| ☐ | SV-228780r619923_rule | Apple iOS must implement the management setting: not allow a user to remove Apple iOS configuration profiles that enforce DoD security requirements. |
| ☐ | SV-228781r619923_rule | Apple iOS/iPadOS must disable [Allow network drive access in Files access]. |
STIGQter: STIG Summary: