|AC-7 (2) Purge / Wipe Mobile Device || |
This control enhancement applies only to mobile devices for which a logon occurs (e.g., personal digital assistants, smart phones, tablets). The logon is to the mobile device, not to any one account on the device. Therefore, successful logons to any accounts on mobile devices reset the unsuccessful logon count to zero. Organizations define information to be purged/wiped carefully in order to avoid over purging/wiping which may result in devices becoming unusable. Purging/wiping may be unnecessary if the information on the device is protected with sufficiently strong encryption mechanisms.
The information system purges/wipes information from Assignment: organization-defined mobile devices based on Assignment: organization-defined purging/wiping requirements/techniques after Assignment: organization-defined number consecutive, unsuccessful device logon attempts.