DOD Apple iOS/iPadOS 26 devices must have a Mobile Threat Detection (MTD) app installed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-278847 | AIOS-26-017700 | SV-278847r1151241_rule | CCI-000366 | medium |
| Description | ||||
| DOD mobile devices are in constant risk of cyber threats. MTD apps partially mitigate these risks by providing real-time threat detection, malware prevention, and vulnerability analysis. SFR ID: FMT_MOF_EXT.1.2 #47 | ||||
| STIG | Date | |||
| Apple iOS/iPadOS 26 Security Technical Implementation Guide | 2025-12-01 | |||
Related Frameworks
4 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
CM-6
1.00
- DISA · V1R2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.4.1
1.00
- DISA · V1R2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.4.2
1.00
- DISA · V1R2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000366
1.00
- DISA · V1R2 · disa_xccdf · related
Details
Check Text (C-278847r1151241_chk)
Confirm an MTD app is installed on managed iPhones and iPads.
This check procedure is performed on both the device management tool and the iPhone and iPad device.
In the iOS/iPadOS management tool, verify an MTD app is listed as a managed app being deployed to site managed devices.
On the iPhone/iPad device:
1. Open the Settings app.
2. Tap "General".
3. Tap "VPN & Device Management".
4. Tap the Configuration Profile from the iOS management tool containing the restrictions policy.
5. Tap "Apps".
6. Verify a MTD app is listed.
If an MTD app is not installed on the device, this is a finding.
Fix Text (F-83286r1151240_fix)
Deploy a site-approved MTD app via the MDM server to managed iPhones and iPads.