STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 7 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Apple iOS/iPadOS 17 MDFPP 3.3 BYOAD Security Technical Implementation Guide

V-259792

CAT II (Medium)

Apple iOS/iPadOS 17 must disable copy/paste of data from managed to unmanaged applications.

Rule ID

SV-259792r959010_rule

STIG

Apple iOS/iPadOS 17 MDFPP 3.3 BYOAD Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-000097CCI-000366

Discussion

If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses unacceptable risk to DOD information systems. An adversary could exploit vulnerabilities created by the weaker configuration to compromise DOD sensitive information. SFR ID: FMT_SMF_EXT.1.1 #47

Check Content

Note: If an organization has multiple configuration profiles, the check procedure must be performed on the relevant configuration profiles applicable to the scope of the review.

In the iOS management tool, verify "Require managed pasteboard" is set to "True".

If "Require managed pasteboard" is not set to "True", this is a finding.

Fix Text

Configure the Apple iOS configuration profile to disable copy/paste of data from managed to unmanaged applications.

The procedure for implementing this control will vary depending on the MDM/EMM used by the mobile service provider.

In the MDM console, set "Require managed pasteboard" to "True".