Allow data destruction
Summary
The mobile device must allow remote data destruction in case of loss.
Description
In cases where a mobile devices are lost or stolen, there is a risk that someone could gain access to the data stored on the device. Remote data destruction provides a mechanism to mitigate this risk by allowing the device owner or an administrator of the organization to initiate the deletion of data from the device.
Supported In
This requirement is verified in following services
| Plan | Supported |
|---|---|
| Essential | 🔴 |
| Advanced | 🟢 |
References
- HIPAA-164_310_d_2_i. Disposal (required)
- HIPAA-164_312_e_2_i. Integrity controls (addressable)
- CCPA-1798_105. Consumer's right to delete personal information
- CMMC-AC_L2-3_1_21. Portable storage use
- CMMC-MP_L2-3_8_7. Removable media
- FedRAMP-MP-6. Media sanitization
- ISO/IEC 27002-7_10. Storage media
- ISA/IEC 62443-UC-2_3. Use control for portable and mobile devices
- SIG Lite-SL_142. Is there a mobile device management solution in place?
- SIG Core-M_1_25. End user device security
- ISO/IEC 27001-7_10. Storage media
Vulnerabilities
Free trial
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.