UCF STIG Viewer Logo

Apple iOS must disable screen capture.


Finding ID Version Rule ID IA Controls Severity
V-43229 AIOS-02-000001 SV-55977r1_rule Low
By allowing the screen capture function, a user has the ability to capture a screen containing sensitive information and then transfer it to an application not authorized to store or process that type of information. For example, the unauthorized app may automatically perform cloud backup to non-DoD servers. If a screen capture containing sensitive information was copied to a location with inadequate protection, there is a risk that an adversary could obtain it. Disabling the screen capture function will mitigate the risk of leaking sensitive information.
Apple iOS 7 STIG 2014-08-26


Check Text ( C-49256r1_chk )
This check procedure is performed on the iOS Over-the-Air management tool and the iOS device.
Note: If an organization has multiple configuration profiles, then the check procedure must be performed on the relevant configuration profiles applicable to the scope of the review.

In the iOS Over-the-Air management tool, verify "Allow screenshots" is unchecked.
For example, in Mobile Iron Admin Portal:
1. Ask the MDM administrator to display the "POLICIES & CONFIGS".
2. Click or tap on the word "Configurations".
3. Click or tap the configuration name.
4. Expand "Details" under "App Setting Details".
5. Verify that "Allow Screen Capture" is set to "false".

Alternatively, verify the text "allowScreenShot " appears in the configuration profile (.mobileconfig file).

On the iOS device:
1. Open Photos app.
2. Select "Camera Roll".
3. Visually notice the most recent photo in the camera roll.
4. Press and release both the Sleep/Wake button and the Home button.
5. Verify the most recent photo is the same photo from step 3.

If "Allow screenshots" is checked in the iOS Over-the-Air management tool; "allowScreenShot " appears in the configuration profile; or by quickly pressing and releasing both the Sleep/Wake button and the Home button, the screen flashes when the screenshot is taken, and the screenshot is added to the Camera Roll album, this is a finding.
Fix Text (F-48816r1_fix)
Configure Apple iOS to disallow the screen capture function.

In the iOS Over-the-Air management tool, uncheck "Allow screenshot".

For example, in Mobile Iron Admin Portal, edit the configuration and deselect "Allow screen capture".