![]() Jailbreaking takes advantage of known vulnerabilities in the operating system to bypass and disable the security controls that prevent unauthorized software from executing in iOS. įor high-security environments, plan on replacing devices every 2-3 years in order to stay current on operating system releases. Instructions for updating iOS devices are at. Upgrade to the latest supported version for your device. Not all devices will support the most recent version of iOS. UT Note: Addendum 1Īpple devices ship with the most current version of the operating system available when the device was manufactured, but new updates often address security vulnerabilities in addition to bug fixes and adding new features. This list provides specific tasks related to the computing environment at The University of Texas at Austin. Restrict access to Location Services, Contacts, Photos, etc.ĭisable access to Control Center on Lock ScreenĮnable Private Browsing in Mobile Safari as neededġThese security settings are proactive in nature but are intended for devices where there exists a very high need for security, as they may negatively impact the user experience and interfere with the functionality and utility of many applications. Turn off Personal Hotspot when not in useįorget Wi-Fi networks to prevent automatic rejoin Update operating system to the latest versionĭo not Jailbreak iOS to sideload applicationsĮnable Automatic Downloads of App UpdatesĮrase all data before return, repair, or recycleĮrase data upon excessive passcode failuresĭisable AutoFill for sensitive information ![]() Configuration ProfilesĪpple provides the Apple Configurator 2 (available through the App Store), which can be used to mass configure and manage large numbers of iOS devices. ![]() Some security settings and options may not be available on older devices. Earlier versions of the hardware and operating system software do not support key security features, such as hardware encryption. Supported devices include the iPhone 3GS and newer, all iPads, and the iPod Touch 3rd generation and newer, running iOS 4 and above. All steps are recommended.Ĭat II/III - For systems that include category II or III data, all steps are recommended, and some are required (denoted by the !). UT Note - The notes at the bottom of the pages provide additional detail about the step for the university computing environment.Ĭat I - For systems that include category I data, required steps are denoted with the ! symbol. The CIS documents outline in much greater detail how to complete each step. To Do - Basic instructions on what to do to harden the respective systemĬIS - Reference number in The Center for Internet Security (CIS) benchmarks. If there is a UT Note for this step, the note number corresponds to the step number.Ĭheck (√) - This is for administrators to check off when she/he completes this portion. The Information Security Office has distilled the CIS benchmark down to the most critical steps for your devices, with a particular focus on configuration issues that are unique to the computing environment at The University of Texas at Austin. The hardening checklists are based on the comprehensive checklists produced by CIS.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |