800-53|AC-7(2)

Title

PURGE / WIPE MOBILE DEVICE

Description

The information system purges/wipes information from [Assignment: organization-defined mobile devices] based on [Assignment: organization-defined purging/wiping requirements/techniques] after [Assignment: organization-defined number] consecutive, unsuccessful device logon attempts.

Supplemental

This control enhancement applies only to mobile devices for which a logon occurs (e.g., personal digital assistants, smart phones, tablets). The logon is to the mobile device, not to any one account on the device. Therefore, successful logons to any accounts on mobile devices reset the unsuccessful logon count to zero. Organizations define information to be purged/wiped carefully in order to avoid over purging/wiping which may result in devices becoming unusable. Purging/wiping may be unnecessary if the information on the device is protected with sufficiently strong encryption mechanisms.

Reference Item Details

Related: AC-19,MP-5,MP-6,SC-13

Category: ACCESS CONTROL

Parent Title: UNSUCCESSFUL LOGON ATTEMPTS

Family: ACCESS CONTROL

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.5 - AirWatch - Enable Erase DataMDMAirWatch - CIS Apple iOS 9 v1.0.0 L2
1.1.5 - AirWatch - Enable Erase DataMDMAirWatch - CIS Apple iOS 8 v1.0.0 L2
1.1.5 - MobileIron - Enable Erase DataMDMMobileIron - CIS Apple iOS 9 v1.0.0 L2
1.1.5 - MobileIron - Enable Erase DataMDMMobileIron - CIS Apple iOS 8 v1.0.0 L2
2.1.6 - AirWatch - Limit the 'Number of failed attempts allowed'MDMAirWatch - CIS Google Android 4 v1.0.0 L1
2.1.6 - MobileIron - Limit the 'Number of failed attempts allowed'MDMMobileIron - CIS Google Android 4 v1.0.0 L1
2.2.7 - AirWatch - Set Maximum number of failed attemptsMDMAirWatch - CIS Apple iOS 8 v1.0.0 L1
2.2.7 - AirWatch - Set Maximum number of failed attemptsMDMAirWatch - CIS Apple iOS 9 v1.0.0 L1
2.2.7 - MobileIron - Set Maximum number of failed attemptsMDMMobileIron - CIS Apple iOS 9 v1.0.0 L1
2.2.7 - MobileIron - Set Maximum number of failed attemptsMDMMobileIron - CIS Apple iOS 8 v1.0.0 L1
2.4.5 Ensure 'Maximum number of failed attempts' is set to '6'MDMAirWatch - CIS Apple iOS 12 v1.0.0 End User Owned L1
2.4.5 Ensure 'Maximum number of failed attempts' is set to '6'MDMAirWatch - CIS Apple iOS 11 v1.0.0 End User Owned L1
2.4.5 Ensure 'Maximum number of failed attempts' is set to '6'MDMAirWatch - CIS Apple iOS 10 v2.0.0 End User Owned L1
2.4.5 Ensure 'Maximum number of failed attempts' is set to '6'MDMMobileIron - CIS Apple iOS 10 v2.0.0 End User Owned L1
2.4.5 Ensure 'Maximum number of failed attempts' is set to '6'MDMMobileIron - CIS Apple iOS 12 v1.0.0 End User Owned L1
2.4.5 Ensure 'Maximum number of failed attempts' is set to '6'MDMMobileIron - CIS Apple iOS 11 v1.0.0 End User Owned L1
3.1.6 - AirWatch - Limit the 'Number of failed attempts allowed'MDMAirWatch - CIS Apple iOS 9 v1.0.0 L1
3.1.6 - AirWatch - Limit the 'Number of failed attempts allowed'MDMAirWatch - CIS Apple iOS 8 v1.0.0 L1
3.1.6 - MobileIron - Limit the 'Number of failed attempts allowed'MDMMobileIron - CIS Apple iOS 9 v1.0.0 L1
3.1.6 - MobileIron - Limit the 'Number of failed attempts allowed'MDMMobileIron - CIS Apple iOS 8 v1.0.0 L1
3.4.5 Ensure 'Maximum number of failed attempts' is set to '6'MDMMobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1
3.4.5 Ensure 'Maximum number of failed attempts' is set to '6'MDMMobileIron - CIS Apple iOS 12 v1.0.0 Institution Owned L1
3.4.5 Ensure 'Maximum number of failed attempts' is set to '6'MDMAirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1
3.4.5 Ensure 'Maximum number of failed attempts' is set to '6'MDMAirWatch - CIS Apple iOS 12 v1.0.0 Institution Owned L1
3.4.5 Ensure 'Maximum number of failed attempts' is set to '6'MDMAirWatch - CIS Apple iOS 10 v2.0.0 Institution Owned L1
3.4.5 Ensure 'Maximum number of failed attempts' is set to '6'MDMMobileIron - CIS Apple iOS 10 v2.0.0 Institution Owned L1
MSFT-11-005400 - Microsoft Android 11 must allow the Administrator (EMM) to perform the following management function: Wipe Enterprise data.MDMAirWatch - DISA Microsoft Android 11 COPE v1r1
MSFT-11-005400 - Microsoft Android 11 must allow the Administrator (EMM) to perform the following management function: Wipe Enterprise data.MDMMobileIron - DISA Microsoft Android 11 COBO v1r1
MSFT-11-005400 - Microsoft Android 11 must allow the Administrator (EMM) to perform the following management function: Wipe Enterprise data.MDMMobileIron - DISA Microsoft Android 11 COPE v1r1
MSFT-11-005400 - Microsoft Android 11 must allow the Administrator (EMM) to perform the following management function: Wipe Enterprise data.MDMAirWatch - DISA Microsoft Android 11 COBO v1r1