iOS Hardening Configuration Guide - DSD

More documents

Recommendations

Info

Device lost, still on Network Device Lost, off Network Device lost, casual access attempt Risk Mitigations Implied Preconditions Device lost, forensic access attempt without passcode knowledge Jailbreaking Malicious Runtime Code Users cut and paste agency data into a public email account ( e.g. Mobile Me, Yahoo or Gmail ) and sent it from the device. Network Trust Strong Passcode, Data Protection Enabled, Remote Wipe, Find My iPhone/iPad. Strong Passcode, Local Wipe, Data Protection Enabled. Strong Passcode, Local Wipe, Data Protection Enabled. Strong Passcode, Local Wipe, Data Protection Enabled, App usage of appropriate data protection class 8 . Strong Passcode, Data Protection Enabled, Use of devices with Hardware Cryptographic Module, Use of MDM Console, use of VDI infrastructure. MDM App or Enterprise apps with “canary” code to detect and report jailbreaking, AUP should prohibit jailbreaking. Code signing, Memory and Filesystem Sandboxing, Use of VDI infrastructure, No-Execute Heap, Disable User Added Applications, Do not Jailbreak Operational Devices. On iOS 4.3.3 Disable the creation of separate email accounts, and restrict access to webmail via custom APN and agency proxy, disable screen shots on device via Configuration Profile, Filter sensitive mail or attachments at the EAS gateway, Use of VDI for sensitive email, Containing agency email to a sandboxed email App such as Good for Enterprise. Use of 802.1X NAC, IPSEC or SSL VPN, encrypted VDI. Configuration Profiles, EAS or MDM Server in a network reachable location. MobileMe Configuration Profiles, Device restored to iOS 4 prior to use in field. Configuration Profiles, Device restored to iOS 4 prior to use in field. Configuration Profiles, Device restored to iOS 4 prior to use in field. Jailbreaking from host computer when device passcode is known is still likely to be feasible. In-house application development capability, CA infrastructure. May mitigate on lower security levels by “approved” lists and MDM monitoring as mitigation. Configuration Profiles, Use of agency proxy. Note that any data that is displayed on the screen of any device can be photographed or video recorded by a camera, and sent via other means. This kind of leakage by deliberate action generally cannot be mitigated well for a mobile device. 8 Information for developers implementing data protection classes is available from: http://developer.apple.com/videos/wwdc/2010/?id=209 Use of 802.1X with CA & NAC on Wireless, VPN on Demand with client certificates for agency network access, Use of SSL reverse proxy for low security data. 43 | D efence Signals Directorate
Firewall Risk Mitigations Implied Preconditions Data compromise via host computer backup Data compromise via Bluetooth Use of Custom APN on 3G, 802.1X, SSL VPN. Force encrypted profile onto device, User education, Physical security of backup host, iTunes in host SOE. iOS 4.3.3 only includes 4 or 6 of the 26 Bluetooth profiles, depending on device, and specifically does not include file transfer related Bluetooth profiles. Included profiles are for microphone, speakers, and human input devices, as well as Apps that use a Bluetooth PAN. See http://support.apple.com/kb/HT3647 A custom APN is an arrangement with your telephone carrier. This allows devices on 3G data to have a deterministic IP range that can be more easily firewalled or proxied. SSL CA infrastructure to sign and encrypt profiles into agency chain of trust. Potentially allow use of locked down iTunes configuration on agency computers so backup resides on agency assets. Apps that share information via Bluetooth PAN not approved for use on devices where this vector is a concern. 44 | D efence Signals Directorate
Page 1 and 2: iOS Hardening Configuration Guide F
Page 3 and 4: Audience This guide is for users an
Page 5 and 6: Using this Guide The following list
Page 7 and 8: Chappter Onne Introoductioon to Mob
Page 9 and 10: The fireewall rules aapplied to th
Page 11 and 12: ensured, due to both ‘Man-in-the-
Page 13 and 14: Question Comments/Selection Does my
Page 15 and 16: Chapter Two Installing iOS 4 This c
Page 17 and 18: Chappter Thhree Secuurity Feeatures
Page 19 and 20: Find My iPhone user interface Gener
Page 21 and 22: Conteent Filterinng Access to intra
Page 23 and 24: Chapter Four Suggested Policies Thi
Page 25 and 26: Feature Unclassified XX-in-Confiden
Page 27 and 28: � � � Passcode (can be set vi
Page 29 and 30: VPN � IPSec and SSL are DSD Appro
Page 31 and 32: Chapter Six Mobile Device Managemen
Page 33 and 34: Example of approved or re ecommendd
Page 35 and 36: Task Comments Provide staff with tr
Page 37 and 38: Appendix B Configuration Profiles F
Page 39 and 40: Appendix C Sample Scripts This appe
Page 41 and 42: make new VPN payload with propertie
Page 43: Appendix E Risk Management Guide Th

iOS Hardening Configuration Guide - DSD

Create successful ePaper yourself

Delete template?

Save as template?