Check: AIOS-18-018100
Apple iOS/iPadOS 18 STIG: AIOS-18-018100 (in version v1 r4)
Title
Apple iOS/iPadOS 18 must implement the management setting: disable Camera. (Cat II impact)
Discussion
Authorizing Official (AO) approval is required before the Apple device camera can be enabled for a specific user or group of users, based on a risk assessment of the operational environment. Camera use may lead to the exposure of sensitive DOD information in some operational environments.

SFR ID: FMT_MOF_EXT.1.2 #47
Check Content
Determine if the site AO has approved the use of Apple device cameras. Look for a document showing approval for a specific user or group of users. If not approved, review configuration settings to confirm "Allow Camera" is disabled. If approved, this requirement is not applicable.

This is a supervised-only control. If the iPhone or iPad being reviewed is not supervised by the MDM, this control is automatically a finding (if the AO has not approved the use of the Apple device camera).

If the iPhone or iPad being reviewed is supervised by the MDM, follow these procedures:

This check procedure is performed on both the device management tool and the iPhone.

Note: If an organization has multiple configuration profiles, the check procedure must be performed on the relevant configuration profiles applicable to the scope of the review.

In the iOS management tool, verify "Allow Camera" is unchecked.

On the iPhone:
1. Open the Settings app.
2. Tap "General".
3. Tap "VPN & Device Management".
4. Tap the Configuration Profile from the iOS management tool containing the restrictions policy.
5. Tap "Restrictions".
6. Verify "Camera not allowed" is listed.

If the AO has not approved Apple device camera use, "Allow camera" is listed in the management tool, and "Camera not allowed" is not listed on the Apple device, this is a finding.
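The management-tool half of this check can be scripted against exported configuration profiles. The following is an added example, not part of the STIG: it assumes unsigned `.mobileconfig` exports and relies on the `allowCamera` key of Apple's Restrictions payload (`com.apple.applicationaccess`), which this page does not name. The function names and sample identifiers are hypothetical, and it does not verify supervision or the on-device "Camera not allowed" entry.

```python
import plistlib
from xml.parsers.expat import ExpatError

RESTRICTIONS_TYPE = "com.apple.applicationaccess"  # Apple Restrictions payload type

def camera_status(profile_bytes: bytes) -> str:
    """Return 'disabled', 'allowed' or 'not_configured' for one profile."""
    try:
        profile = plistlib.loads(profile_bytes)
    except (plistlib.InvalidFileException, ExpatError) as exc:
        # A signed profile is CMS-wrapped; export it unsigned or unwrap it first.
        raise ValueError("not a plain plist (signed profile?)") from exc
    values = [p["allowCamera"] for p in profile.get("PayloadContent", [])
              if isinstance(p, dict)
              and p.get("PayloadType") == RESTRICTIONS_TYPE
              and "allowCamera" in p]
    if not values:
        return "not_configured"  # key absent: the camera stays at its default (on)
    # The most restrictive value wins, so one explicit False disables the camera.
    return "disabled" if any(v is False for v in values) else "allowed"

def is_finding(profiles: list[bytes], ao_approved: bool) -> bool:
    """Finding unless the AO approved camera use or a profile disables it."""
    if ao_approved:
        return False  # requirement is not applicable
    return not any(camera_status(p) == "disabled" for p in profiles)

def sample_profile(allow_camera=None) -> bytes:
    """Constructed sample profile; identifiers and UUIDs are placeholders."""
    restrictions = {"PayloadType": RESTRICTIONS_TYPE, "PayloadVersion": 1,
                    "PayloadIdentifier": "example.restrictions",
                    "PayloadUUID": "00000000-0000-0000-0000-000000000001"}
    if allow_camera is not None:
        restrictions["allowCamera"] = allow_camera
    return plistlib.dumps({"PayloadType": "Configuration", "PayloadVersion": 1,
                           "PayloadIdentifier": "example.profile",
                           "PayloadUUID": "00000000-0000-0000-0000-000000000002",
                           "PayloadContent": [restrictions]})

if __name__ == "__main__":
    for label, value in (("hardened", False), ("weak", True), ("unset", None)):
        print(label, camera_status(sample_profile(value)))
```

A profile that omits the key is reported as `not_configured` rather than compliant, because only an explicit false value produces the "Camera not allowed" restriction.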
Fix Text
If the AO has not approved the use of Apple device cameras, install a configuration profile to disable camera use. This is a supervised-only control.
Additional Identifiers
Rule ID: SV-276224r1116200_rule
Vulnerability ID: V-276224
Group Title: PP-MDF-993300
CCIs
Number | Definition |
---|---|
CCI-000366 | Implement the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 | Configuration Settings |