Network Trace
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

27) Can your organisation perform a remote wipe of organisation data on all BYOD endpoint devices?

August 30, 2022

Answer yes if your organisation requires technical enforcement of security controls on mobile phones and tablets before access to company data or services is granted. For example, this could be done through the use of MDM (Mobile Device Management) software. In the notes, please describe the nature of the controls, the method of enforcement and any related processes.

If an employee misplaces or has a BYOD endpoint device stolen, it is important that your business can remotely wipe confidential business data to prevent unauthorised access.

There are some limitations to remote wiping, so this control is most effective when combined with full-disk encryption, which is covered in a separate control.

How to implement the control

The best way to manage remote wipe capabilities on BYOD endpoint devices is through a comprehensive Mobile Device Management (MDM) or Unified Endpoint Management (UEM) solution, which can often facilitate many of the endpoint device controls covered in this framework. Before looking for a separate remote wipe solution, check whether any of your existing MDM or UEM solutions provide this functionality.

If an MDM or UEM solution is not in place, third-party software can sometimes provide remote wipe capabilities. If you choose this option, carefully assess the credibility and security of any third-party provider before deployment.

Your organisation must have a defined process for performing a remote wipe when an employee reports a BYOD endpoint device as lost or stolen, and ensure employees are aware of the process through regular information security awareness training.

If you would like to contribute to this article or provide feedback, please email knowledge@riskledger.com. Contributors will be recognised on our contributors page.

Pattern Trapezoid Mesh

Defend against supply chain attacks with Defend-As-One.

No organisation is an island.