For an enterprise implementing a bring your own device program, which of the following would provide the BEST security for corporate data residing on unsecured mobile devices?
The correct answer is B because containerization separates corporate data and applications from personal data and applications on a mobile device. In a bring your own device environment, the organization does not fully control the endpoint because it is personally owned and may be used on untrusted networks or with unmanaged applications. A containerization solution helps protect enterprise information by enforcing encryption, access controls, remote wipe, data sharing restrictions, and policy controls within the corporate container. An acceptable use policy is important, but it is administrative and does not technically protect data stored on the device. Data loss prevention can help detect or block unauthorized data movement, but it may not provide the same direct separation and control over mobile data. A device certification process helps assess device suitability, but certification alone does not secure corporate data after deployment. In CISM, controls should be selected based on risk and effectiveness. Containerization is the strongest option for protecting corporate data on unsecured BYOD devices.
[Reference: CISM Information Risk Management; mobile device risk, BYOD security, data protection, and compensating control principles., , ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit