Configure PIN
Summary
Devices that connect to the mobile network must have a personal identification number (PIN) configured on the SIM card.
Description
Mobile devices contain sensitive personal and professional data. The SIM card contains identity information, by adding a PIN the device implements an additional layer of protection to prevent unauthorized access to this information.
References
- OWASP10-A5. Security misconfiguration
- PADSS-1_1_3. Do not store personal identification number (PIN) or the encrypted PIN block
- CMMC-AC_L2-3_1_18. Mobile device connection
- CMMC-MP_L2-3_8_2. Media access
- CMMC-MP_L2-3_8_7. Removable media
- CMMC-PE_L1-3_10_5. Manage physical access
- CMMC-SC_L2-3_13_13. Mobile code
- HITRUST-01_x. Mobile computing and communications
- HITRUST-09_k. Controls against mobile code
- FEDRAMP-MP-2. Media access
- ISO27002-7_9. Security of assets off-premises
- ISO27002-8_1. User endpoint devices
- IEC62443-UC-2_3. Use control for portable and mobile devices
- IEC62443-UC-2_4. Mobile code
- NIST800171-1_18. Control connection of mobile devices
- SWIFTCSC-3_1. Physical security
- SIG-H_3_1_19. Access control
- SIG-M_1_25. End user device security
- ISO27001-7_9. Security of assets off-premises
- ISO27001-8_1. User endpoint devices
Free trial
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.