Certified in Risk and Information Systems Control (CRISC) — Question 833
An organization has an approved bring your own device (BYOD) policy. Which of the following would BEST mitigate the security risk associated with the inappropriate use of enterprise applications on the devices?
Answer options
- A. Enable a remote wipe capability for BYOD devices.
- B. Periodically review applications on BYOD devices.
- C. Include BYOD in organizational awareness programs.
- D. Implement BYOD mobile device management (MDM) controls.
Correct answer: D
Explanation
Implementing BYOD mobile device management (MDM) controls is the most effective method because it allows for comprehensive management and security enforcement across all devices. Enabling remote wipe capabilities and periodically reviewing applications are helpful, but they do not provide the same level of ongoing control and policy enforcement that MDM offers. Similarly, including BYOD in awareness programs improves understanding but does not directly mitigate security risks.