Check: AIOS-02-080004
Apple iOS 8 ISCG:
AIOS-02-080004
(in version v1 r1)
Title
Apple iOS must not allow use of the iCloud Keychain. (Cat II impact)
Discussion
The iCloud Keychain is an iOS function that will store users' account names and passwords in iCloud, then synchronize this data between the users' Macs, iPhones, and iPads. An adversary may use any of the stored iCloud keychain passwords after unlocking one of the synchronized devices. If a user is synchronizing devices, the user must protect all of the devices to prevent unauthorized use of the passcodes. Moreover, the keychain being transmitted through the cloud opens the possibility that a well-resourced, sophisticated adversary could compromise the cloud-transmitted keychain. Not allowing the iCloud Keychain feature mitigates the risk of the encrypted set of passwords being compromised when transmitted through the cloud or synchronized across multiple devices. SFR ID: FMT_SMF.1.1 #42
Check Content
Review configuration settings to confirm iCloud keychain is disabled. This check procedure is performed on both the iOS management tool and the iOS device. Note: If an organization has multiple configuration profiles, then the check procedure must be performed on the relevant configuration profiles applicable to the scope of the review. In the iOS management tool, verify "Allow iCloud keychain" is unchecked. Alternatively, verify the text "<key>allowCloudKeychainSync</key><false/>" appears in the configuration profile (.mobileconfig file). On the iOS device: 1. Open the Settings app. 2. Tap "iCloud". 3. Verify "Keychain" is not listed. 4. If "Keychain" is listed, tap "Keychain" and verify "iCloud Keychain" is off. If the "Allow iCloud keychain" is checked in the iOS management tool, "<key>allowCloudKeychainSync</key><true/>" appears in the configuration profile, or iCloud Keychain is toggled to the right and appears green on the iOS device, this is a finding.
Fix Text
Install a Configuration Profile to disable iCloud keychain.
Additional Identifiers
Rule ID:
Vulnerability ID: V-54251
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |