← Back to catalog
AC-7(2)

Purge or Wipe Mobile Device

Access Control (AC)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description

Purge or wipe information from [assignment] based on [assignment] after [assignment] consecutive, unsuccessful device logon attempts.

Discussion

A mobile device is a computing device that has a small form factor such that it can be carried by a single individual; is designed to operate without a physical connection; possesses local, non-removable or removable data storage; and includes a self-contained power source. Purging or wiping the device applies only to mobile devices for which the organization-defined number of unsuccessful logons occurs. The logon is to the mobile device, not to any one account on the device. Successful logons to accounts on mobile devices reset the unsuccessful logon count to zero. Purging or wiping may be unnecessary if the information on the device is protected with sufficiently strong encryption mechanisms.

Implementation guidance

No content available.

CSF 2.0 crosswalk

No CSF mappings exist for this control.