Mobile Security
Secure mobile devices, applications, and data.
9 of 9 frameworks cover this control
Framework Mappings
How Mobile Security maps to each of the 6 cybersecurity frameworks tracked by ControlMap.
| Framework | Status | Control IDs |
|---|---|---|
| NIST CSF 2.0 | Covered | PR.PS-01 |
| ISO 27001 | Covered | A.8.1 |
| CIS v8 | Covered | CIS 1.4 CIS 1.5 |
| SOC 2 | Covered | CC6.7 |
| PCI DSS | Covered | 2.2.4 6.2.1 |
| CMMC | Covered | AC.L2-3.1.18 AC.L2-3.1.19 |
| 800-53 | Covered | AC-19 |
| HIPAA | Covered | §164.310(d)(1) §164.312(a)(1) |
| GDPR | Covered | Art.32(1)(b) |
About Mobile Security
Mobile Security is a cybersecurity control in the Protect domain. Secure mobile devices, applications, and data. Mobile security addresses the risks introduced by smartphones, tablets, and other portable devices that access corporate resources and store sensitive data. Organizations should deploy mobile device management (MDM) or unified endpoint management (UEM) solutions to enforce security policies including device encryption, screen lock requirements, remote wipe capabilities, and application whitelisting. BYOD programs require additional considerations such as containerization to separate personal and corporate data, and clear acceptable use policies that define organizational rights to manage and wipe corporate data on personal devices.
This control is recognized by 9 of the 6 major frameworks: NIST CSF 2.0, ISO 27001, CIS v8, SOC 2, PCI DSS, CMMC, 800-53, HIPAA, GDPR. It has full coverage across all ${FW_KEYS.length} frameworks.