Apple provides the capability to manage macOS, iOS and iPadOS using Mobile Device Management (MDM). Profiles are used to configure devices to enforce security controls as well as to configure the devices for authorized access. Many security controls available on Apple devices are only available through the use of profile settings using MDM. This capability is also misused by attackers who have added rogue profiles to the list of unwanted software and fake software updates to induce users to approve the installation of malicious content. Organizations should have Mobile Device management software in place to harden organizationally managed devices and take advantage of additional Apple controls as well as to make the devices more resistant to attackers enticing users to install unwanted content from rogue MDMs. Rationale: Mobile Device Management is the preferred Apple method to manage Apple devices. Some capability in this technology is a requirement for the enforcement of some controls. Users with managed devices should be trained and familiar with authrized content provided through the organizations' MDM. Impact: An MDM is yet another additional tool that requires technically adept personnel to manage correctly. In theory proper use of an MDM can make services provisioning simpler with configuration profiles to reach authorized services. Remediation: Enroll the system in a Mobile Device Management software.

[Yes/No]

Remediation: Enroll the system in a Mobile Device Management software.