Best Controls for Managing Organizational Data on Personal Devices
Question
An administrator is working with management to develop policies related to the use of the cloud-based resources that contain corporate data.
Management plans to require some control over organizational data stored on personal devices, such as tablets.
Which of the following controls would BEST support management's policy?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D. E.A.
The best control that would support management's policy of having some control over organizational data stored on personal devices such as tablets is Mobile Device Management (MDM), option A. MDM is a solution that helps manage, monitor and secure mobile devices remotely, regardless of the operating system (OS) they run.
MDM provides several controls that can be implemented to secure corporate data on personal devices such as tablets. Some of these controls include:
Enforcing passcodes or biometric authentication: MDM can be used to enforce a password or biometric authentication for unlocking the device, ensuring that only authorized users can access the corporate data.
Remote wipe: In case a device is lost or stolen, MDM can be used to wipe all corporate data from the device, ensuring that the data remains secure.
App management: MDM can control which apps are installed on the device, ensuring that only authorized apps are installed.
Encryption: MDM can enforce encryption on all data stored on the device, ensuring that the data is protected in case of loss or theft.
Network access control: MDM can control which networks the device can connect to, ensuring that only authorized networks are used to access corporate data.
Sandboxing, option B, is a security mechanism used to isolate an application or process from the rest of the system. While this can be useful for protecting against certain types of attacks, it is not directly related to managing corporate data on personal devices.
Mobile tokenization, option C, is a process that replaces sensitive data on a mobile device with a token, which is a randomly generated string of characters. This can help protect sensitive data in case the device is lost or stolen, but it does not provide management with any control over the data on the device.
Full Disk Encryption (FDE), option D, is a security mechanism that encrypts all data on a storage device, such as a hard drive or solid-state drive. While this can help protect the data in case the device is lost or stolen, it does not provide management with any control over the data on the device.
Multi-Factor Authentication (MFA), option E, is a security mechanism that requires users to provide two or more forms of authentication, such as a password and a fingerprint scan. While this can help prevent unauthorized access to the device, it does not provide management with any control over the data on the device.
Therefore, MDM is the best option for management to have control over organizational data stored on personal devices such as tablets.
