Skip to content

Publish data spill procedures for mobile devices

An XCCDF Rule

Description

When a data spill occurs on a mobile device, classified or sensitive data must be protected to prevent disclosure. After a data spill, the mobile device must either be wiped using approved procedures, or destroyed if no procedures are available, so classified or sensitive data is not exposed. If a data spill procedure is not published, the site may not use approved procedures to remediate after a data spill occurs and classified data could be exposed.

Property Value
Responsibility Other

ID
SV-30692r6_rule
Version
WIR-SPP-003-01
Severity
Medium
Updated

Remediation Templates

A Manual Procedure

Publish a Classified Message Incident (CMI) procedure or policy for the site.