UCF STIG Viewer Logo

Apple iOS must require a valid password be successfully entered before the mobile device data is unencrypted.


Finding ID Version Rule ID IA Controls Severity
V-54241 AIOS-01-080006 SV-68487r1_rule High
Encryption is only effective if the decryption procedure is protected. If an adversary can easily access the private key (either directly or through a software application), sensitive DoD data is likely to be disclosed. Password protection is one method to reduce the likelihood of such an occurrence. SFR ID: FMT_SMF.1.1 #42
Apple iOS 8 Interim Security Configuration Guide 2014-09-16


Check Text ( C-54877r3_chk )
Review configuration settings to confirm the device is set to require a passcode before use.

This procedure is performed on the iOS device.

On the iOS device:
1. Lock the device.
2. Wait the duration of the “Grace Lock” period.
3. Attempt to unlock the device.
4. Verify the unlock screen cannot be bypassed without entering a passcode.

If the unlock screen can be bypassed without entering a passcode, this is a finding.
Fix Text (F-59095r1_fix)
Install a Configuration Profile to require a password to unlock the device.