After an employee was terminated, the company discovered the employee still had access to emails and attached content that should have been destroyed during the off-boarding. The employee’s laptop and cell phone were confiscated and accounts were disabled promptly. Forensic investigation suggests the company’s DLP was effective, and the content in question was not sent outside of work or transferred to removable media. Personality owned devices are not permitted to access company systems or information.
Which of the following would be the MOST efficient control to prevent this from occurring in the future?
A . Install application whitelist on mobile devices.
B . Disallow side loading of applications on mobile devices.
C . Restrict access to company systems to expected times of day and geographic locations.
D . Prevent backup of mobile devices to personally owned computers.
E . Perform unannounced insider threat testing on high-risk employees.
Answer: C
Leave a Reply