An IS auditor finds that an employee lost a mobile device containing sensitive company data.
Which of the following would have BEST prevented data leakage?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
The BEST option to prevent data leakage in the scenario described is B. Data on the device was encrypted.
Explanation:
A. The employee promptly reported the lost device: Promptly reporting the lost device is a good practice and can minimize the risk of data leakage if the device falls into the wrong hands. However, it does not prevent the data from being accessed by an unauthorized party who may have found the device.
B. Data on the device was encrypted: Encryption is the process of converting information into a code to prevent unauthorized access. If the data on the device was encrypted, it would be protected from unauthorized access, even if the device was lost or stolen.
C. The employee acknowledged the acceptable use policy: While acknowledging the acceptable use policy is an important step, it does not prevent data leakage in this scenario.
D. Data on the device was backed up: Backing up data is an important practice to ensure that data can be recovered in the event of data loss or device failure. However, it does not prevent data leakage if the device falls into the wrong hands.
In conclusion, the best option to prevent data leakage in this scenario is to ensure that data on the device is encrypted.