Apple iOS/iPadOS 26 must disable the use voice assistant (Show user-generated content in Siri) unless required to meet Section 508 compliance requirements.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
low	V-278834	PP-MDF-993300	AIOS-26-016200	SV-278834r1151202_rule	2025-12-01	1

Description
The use of voice assistants could expose sensitive DOD data to cloud-based servers during the processing of assistant requests. SFR ID: FMT_MOF_EXT.1.2 #47

ℹ️ Check
Review configuration settings to confirm it is disabled. Exception - Siri allowed to meet Section 508 compliance requirements. Note: This control may not be configurable by some MDM products when "Allow Siri" is disabled. This is a supervised-only control. If the iPhone or iPad being reviewed is not supervised by the MDM, this control is automatically a finding. If the iPhone or iPad being reviewed is supervised by the MDM, follow these procedures: This check procedure is performed on both the device management tool and the iPhone and iPad device. Note: If an organization has multiple configuration profiles, the check procedure must be performed on the relevant configuration profiles applicable to the scope of the review. In the iOS/iPadOS management tool, verify "Show user-generated content in Siri" or "Allow Siri" is unchecked. On the iPhone/iPad device: 1. Open the Settings app. 2. Tap "General". 3. Tap "VPN & Device Management". 4. Tap the Configuration Profile from the iOS management tool containing the restrictions policy. 5. Tap "Restrictions". 6. Verify "Show user-generated content in Siri not allowed" or "Siri not allowed" is listed. If "Show user-generated content in Siri" is not disabled or Siri is not disabled in the management tool and on the Apple device, this is a finding.

ℹ️ Check

Review configuration settings to confirm it is disabled. Exception - Siri allowed to meet Section 508 compliance requirements. Note: This control may not be configurable by some MDM products when "Allow Siri" is disabled. This is a supervised-only control. If the iPhone or iPad being reviewed is not supervised by the MDM, this control is automatically a finding. If the iPhone or iPad being reviewed is supervised by the MDM, follow these procedures: This check procedure is performed on both the device management tool and the iPhone and iPad device. Note: If an organization has multiple configuration profiles, the check procedure must be performed on the relevant configuration profiles applicable to the scope of the review. In the iOS/iPadOS management tool, verify "Show user-generated content in Siri" or "Allow Siri" is unchecked. On the iPhone/iPad device: 1. Open the Settings app. 2. Tap "General". 3. Tap "VPN & Device Management". 4. Tap the Configuration Profile from the iOS management tool containing the restrictions policy. 5. Tap "Restrictions". 6. Verify "Show user-generated content in Siri not allowed" or "Siri not allowed" is listed. If "Show user-generated content in Siri" is not disabled or Siri is not disabled in the management tool and on the Apple device, this is a finding.

✔️ Fix
Install a configuration profile to disable "Show user-generated content in Siri", unless required to meet Section 508 compliance requirements. This is a supervised-only control. Note: This control may not be configurable by some MDM products when "Allow Siri" is disabled. Configuration Profile Key: allowAssistantUserGeneratedContent