Certified Information Security Manager (CISM) — Question 1069
Which of the following is the MOST effective data loss control when connecting a personally owned mobile device to the corporate email system?
Answer options
- A. Email must be stored in an encrypted format on the mobile device.
- B. Users must agree to the use of biometric multi-factor authentication (MFA).
- C. A senior manager must approve each new connection.
- D. Email synchronization must be prevented when connected to a public Wi-Fi hotspot.
Correct answer: A
Explanation
Storing email in an encrypted format on the mobile device is the most effective control because it protects sensitive information even if the device is lost or compromised. Biometric MFA enhances security, but it does not directly prevent data loss. Requiring managerial approval for each connection can slow down the process but does not ensure data protection. Preventing email synchronization on public Wi-Fi is important, but it is a reactive measure, whereas encryption is proactive.