...
Description: Configures a few basic security settings to meet the Minimum Standards for Category I data on handheld devices. These settings address steps 6, 8, 10, 11, 12, 13, and 14 from the hardening checklist. Additional action is required to complete the remaining steps. Upon first backup after installing this profile, users will be prompted to specify a password that will be used to encrypt future backups. This password will be required in order to perform each subsequent backup as well as restore a device using that backup set.
File: ISOMinSecStandards.mobileconfig
Payload | Setting | Value |
|---|---|---|
Passcode | Require passcode on device | true |
| Allow simple value | true |
| Require alphanumeric value | false |
| Minimum passcode length | 4 |
| Auto-Lock (1-5 minutes, or none) | 5 minutes |
| Grace period for device lock | immediately |
| Maximum number of failed attempts | 10 |
Restrictions | Allow use of Safari | true |
| Force fraud warning | true |
| Force encrypted backups | true |
...
Description: This is higher security version of the previous profile that exceeds the minimum standard but offers better protection. Of most note is that the passcode minimum length requirement is changed from the default of 4 to 5. Passcodes may optionally be longer than 5 characters. Alphanumeric values are allowed, but not required. If a numeric value is set as the passcode, only the number pad will be displayed when the user is prompted for the passcode. The full keyboard is only shown when the passcode contains non-numeric characters.
File: ISOHighSecurity.mobileconfig
Payload | Setting | Value |
|---|---|---|
Passcode | Require passcode on device | true |
| Allow simple value | false |
| Require alphanumeric value | false |
| Minimum passcode length | 5 |
| Auto-Lock (1-5 minutes, or none) | 1 minute |
| Grace period for device lock | immediately |
| Maximum number of failed attempts | 10 |
Restrictions | Allow use of Safari | true |
| Force fraud warning | true |
| Force encrypted backups | true |
Copyright © 2001-2011 Information Technology Services. All rights reserved.This content has moved.
Please see: https://security.utexas.edu/handheld-hardening-checklists/ios