Back

Include requiring users to create data backups in the mobile device security guidelines.


CONTROL ID
12289
CONTROL TYPE
Establish/Maintain Documentation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Establish, implement, and maintain mobile device security guidelines., CC ID: 04723

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Controls over mobile computing are required to manage the risks of working in an unprotected environment. In protecting AIs’ information, AIs should establish control procedures covering: - an approval process for user requests for mobile computing; - authentication controls for remote access to n… (3.5.2, Hong Kong Monetary Authority: TM-G-1: General Principles for Technology Risk Management, V.1 – 24.06.03)
  • backup all important data and configuration settings. (Security Control: 1555; Revision: 0; Bullet 7, Australian Government Information Security Manual, March 2021)
  • backup all important data and configuration settings. (Control: ISM-1555; Revision: 1; Bullet 7, Australian Government Information Security Manual, June 2023)
  • backup all important data and configuration settings. (Control: ISM-1555; Revision: 1; Bullet 7, Australian Government Information Security Manual, September 2023)
  • The mobile device policy shall require the BYOD user to perform backups of data, prohibit the usage of unapproved application stores, and require the use of anti-malware software (where supported). (MOS-17, Cloud Controls Matrix, v3.0)