An organization issues smartphones to employees and manages them with a mobile device management (MDM) platform. Which MDM policy BEST minimizes the risk that sensitive corporate data on the phone can be read if the device is lost or stolen?
Restrict the device to connect only to approved Wi-Fi networks.
Requiring full-device encryption ensures that data on the smartphone's internal storage is unreadable without the user's passcode. Even if an attacker removes the storage medium or uses forensic tools, the encrypted data cannot be accessed. Settings such as short screen-lock timeouts, camera restrictions, or Wi-Fi whitelisting provide security benefits but do not protect data at rest when the device is physically out of the company's control.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is full-device encryption, and why is it important for securing data?
Open an interactive chat with Bash
How does a passcode enhance the effectiveness of full-device encryption?
Open an interactive chat with Bash
Why don't screen timeouts or camera restrictions provide the same level of protection as encryption?