Threat Category: Enterprise Mobility
ID: EMM-8
Threat Description: Personal data may be intentionally or unintentionally wiped from devices by MDM administrators or attackers.
Threat Origin
Personal Data Security and the “BYOD” Problem: Who is Truly at Risk? [1]
Exploit Examples
Not Applicable
CVE Examples
Not Applicable
Possible Countermeasures
Consider the use of EMM/MDM solutions that can be configured to require dual authorization (two administrative users) to trigger device wipe functions, or at a minimum, solutions for which wiping functions involve multiple steps to complete.
To enable recovery of personal data wiped from a managed device, provide a mechanism for users to preserve personal data, such as encrypted back-ups to the native cloud service (e.g. iCloud Backup & Storage).
To limit the potential loss of personal data, encourage users of enrolled devices to use authorized mechanisms for the synchronization or transfer of personal data to external systems not subject to remote wipe by enterprise EMM solutions.
Educate users regarding the risks to any personal data generated on an enrolled mobile device.
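The dual-authorization countermeasure listed first above, sketched as an added example (not part of the original catalogue entry and not any EMM product's API): a wipe is only sent after a second, different administrator approves a still-valid request. `WipeGate`, `send_wipe`, and the 15-minute `APPROVAL_WINDOW_S` are hypothetical names and policy values chosen for illustration.

```python
import time

APPROVAL_WINDOW_S = 900  # assumed policy: a wipe request lapses after 15 minutes

class WipeDenied(Exception):
    """Raised when a wipe step violates the two-person rule."""

class WipeGate:
    """Hypothetical approval gate placed in front of an EMM wipe command."""
    def __init__(self, admins, clock=time.time):
        self.admins = set(admins)
        self.clock = clock   # injectable so expiry can be exercised in tests
        self.pending = {}    # device_id -> {"requester", "created"}
        self.audit = []      # (timestamp, event, admin, device_id)

    def _log(self, event, admin, device_id):
        self.audit.append((self.clock(), event, admin, device_id))

    def _deny(self, reason, admin, device_id):
        # Denials are audited too: repeated ones are worth alerting on.
        self._log("denied:" + reason, admin, device_id)
        raise WipeDenied(reason)

    def request(self, admin, device_id):
        """Step 1: one administrator asks for the wipe; nothing is sent yet."""
        if admin not in self.admins:
            self._deny("not-an-admin", admin, device_id)
        self.pending[device_id] = {"requester": admin, "created": self.clock()}
        self._log("requested", admin, device_id)

    def approve_and_wipe(self, admin, device_id, send_wipe):
        """Step 2: a different administrator approves; only then is it sent."""
        if admin not in self.admins:
            self._deny("not-an-admin", admin, device_id)
        req = self.pending.get(device_id)
        if req is None:
            self._deny("no-request", admin, device_id)
        if self.clock() - req["created"] > APPROVAL_WINDOW_S:
            del self.pending[device_id]
            self._deny("expired", admin, device_id)
        if admin == req["requester"]:
            self._deny("self-approval", admin, device_id)
        del self.pending[device_id]  # one approval authorizes exactly one wipe
        send_wipe(device_id)
        self._log("wiped", admin, device_id)
        return req["requester"], admin
```
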
References
[1] D. Denslow, “Personal Data Security and the “BYOD” Problem: Who is Truly at Risk?”, blog, 19 Nov. 2014; http://jolt.richmond.edu/index.php/blog-personal-data-security-and-the-byod-problem-who-is-truly-at-risk/ [accessed 8/24/2016]