214 – Allow data destruction

Summary

The mobile device must allow remote data destruction in case of loss.

Description

In cases where a mobile devices are lost or stolen, there is a risk that someone could gain access to the data stored on the device. Remote data destruction provides a mechanism to mitigate this risk by allowing the device owner or an administrator of the organization to initiate the deletion of data from the device.

Supported In

Advanced: True

References

• HIPAA-164_310_d_2_i. Disposal (required)
• HIPAA-164_312_e_2_i. Integrity controls (addressable)
• CCPA-1798_105. Consumer's right to delete personal information
• CMMC-AC_L2-3_1_21. Portable storage use
• CMMC-MP_L2-3_8_7. Removable media
• FEDRAMP-MP-6. Media sanitization
• ISO27002-7_10. Storage media
• IEC62443-UC-2_3. Use control for portable and mobile devices
• SIGLITE-SL_142. Is there a mobile device management solution in place?
• SIG-M_1_25. End user device security
• ISO27001-7_10. Storage media

Last updated

2024/01/18