U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

APPLE iOS 8 INTERIM SECURITY CONFIGURATION GUIDE (ISCG) Version 1, Release 1 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
Apple iPhone OS 8.0 cpe:/o:apple:iphone_os:8.0 (View CVEs)

Checklist Highlights

Checklist Name:
APPLE iOS 8 INTERIM SECURITY CONFIGURATION GUIDE (ISCG)
Checklist ID:
508
Version:
Version 1, Release 1
Type:
Compliance
Review Status:
Archived
Authority:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:
09/18/2014

Checklist Summary:

The Apple iOS 8 Interim Security Configuration Guide (ISCG) Overview provides the technical security policies, requirements, and implementation details for applying security concepts to Apple devices running iOS 8 that process, store, or transmit u nclassified data marked as “For Official Use Only (FOUO)” or below. The ISCG is based on the Mobile Device Fundamentals Protection Profile (MDFPP) Security Technical Implementation Guide (STIG) Template, Version 1, Release 1. Requirements compliance is achieved by leveraging a combination of Configuration Profiles, user-based enforcement (UBE), and reporting. DoD Common Access Card (CAC) and the DoD Information System Consent Banner can be supported with third-party software.

Checklist Role:

  • Operating System

Known Issues:

Not Provided

Target Audience:

This document is a requirement for all DoD-administered systems and all systems connected to DoD networks. These requirements are designed to assist Security Managers (SMs), Information Assurance Managers (IAMs), Information Assurance Officers (IAOs), and System Administrators (SAs) with configuring and maintaining security controls. This guidance supports DoD system design, development, implementation, certification, and accreditation efforts.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not Provided

Regulatory Compliance:

DoD Instruction (DoDI) 8500.01 requires that “all IT that receives, processes, stores, displays, or transmits DoD information will be [...] configured [...] consistent with applicable DoD cybersecurity policies, standards, and architectures” and tasks that Defense Information Systems Agency (DISA) “develops and maintains control correlation identifiers (CCIs), security requirements guides (SRGs), security technical implementation guides (STIGs), and mobile code risk categories and usage guides that implement and are consistent with DoD cybersecurity policies, standards, architectures, security controls, and validation procedures, with the support of the NSA/CSS, using input from stakeholders, and using automation whenever possible. ” This document is provided under the authority of DoDI 8500.01.

Comments/Warnings/Miscellaneous:

Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document. Approved changes will be made in accordance with the DISA FSO maintenance release schedule.

Disclaimer:

Not Provided

Product Support:

Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document. Approved changes will be made in accordance with the DISA FSO maintenance release schedule.

Point of Contact:

disa.stig_spt@mail.mil

Sponsor:

Not Provided

Licensing:

Not Provided

Change History:

Updated URL to reflect change to the DISA website - http --> https
moved to archive status - 4/15/19

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 04/15/2019