The Apple iOS 10 Security Technical Implementation Guide (STIG) provides the technical security policies, requirements, and implementation details for applying security concepts to Apple devices running iOS 10 that process, store, or transmit unclassified data marked as “Controlled Unclassified Information (CUI)” or below. The STIG is based on the Mobile Device Fundamentals Protection Profile (MDFPP) version 2 STIG Template. Requirements compliance is achieved by leveraging a combination of configuration profiles, user-based enforcement (UBE), and reporting. DoD Common Access Card (CAC) and the DoD Information System Consent Banner can be supported with third-party software.
This document is a requirement for all DoD-administered systems and all systems connected to DoD networks. These requirements are designed to assist Security Managers (SMs), Information Assurance Managers (IAMs), IAOs, and System Administrators (SAs) with configuring and maintaining security controls. This guidance supports DoD system design, development, implementation, certification, and accreditation efforts.
- Specialized Security-Limited Functionality (SSLF)
Department of Defense [DoD] 8500
Comments or proposed revisions to this document should be sent via email to the following address: firstname.lastname@example.org. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document. Approved changes will be made in accordance with the DISA FSO maintenance release schedule.
Updated to Ver 1, Rel 2 - 01/27/2017
Updated to FINAL - 03/13/2017
Updated to Version 1, Release 3 - 04/28/2017
Updated to FINAL - 05/30/2017
Updated URL to reflect change to the DISA website - http --> https
moved to archive status - 4/15/19
Updated URLs - 6/4/19
Updated URLs - 6/24/19
Updated URLs - 9/11/19
NIST checklist record last modified on 09/11/2019