Instant 27001 demo environment
A.8.1 User endpoint devices
Owned by Maurice Pasman
Jul 10, 2022
1 min readLoading data...
Control details
| Requirement | Information stored on, processed by or accessible via user endpoint devices shall be protected. |
|---|---|
| Instruction | Develop a policy that contain statements about the use of laptops, tablets, mobile phones and will describe whether or not people are allowed to use their own devices (BYOD) to gain access to the organization's information systems. Think about security measures such as disk encryption, VPN, privacy screens, sand boxing, disabling app stores, remote wipe and anti virus/malware. |
| Implementation | This is covered in the Endpoint device policy |
| Status | Implemented |
| Applicable | YES |
| Reason | Risk assessment |
Check details
| Owner | Security officer |
|---|---|
| Frequency | Quarter |
| Instruction | Sample some (BYOD) devices and check if they comply to the Endpoint device policy. Are they encrypted, patched, firewalled and is there anti malware present? |
| File | Modified |
|---|
No files shared here yet.