Gartner Research

Secure Data Disposal for Smartphones and Tablets Is a Mandatory Ingredient for a Successful Mobile Device Program

Published: 24 July 2013

ID: G00251260

Analyst(s): Leslie Fiering, Bryan Taylor, Leif-Olof Wallin, John Girard

Summary

Data sanitization of mobile devices that have been lost, stolen, upgraded, reached end of life or departed with a former employee is becoming increasingly complex. IT leaders must understand that, in many cases, a simple selective or complete remote wipe is not enough to make the data unrecoverable.

Table Of Contents
  • Key Challenges

Introduction

Analysis

  • Account for the Scenarios That May Expose Data
  • The range of scenarios that needs to be covered suggests that a full life cycle approach to the device needs to be maintained. These scenarios include, but are not limited to:
  • Understand That Mobile Device Data Is a Moving Target
  • Be Aware That Solid State Memory (Flash) Presents Challenges
  • Determine How Far to Go With Personal Data
  • Watch Out for Jailbreak and Rooting
    • Impact of Encryption
  • Insist on Having Data Sanitization and Protection Policies and Processes in Place at the Outset of Any Mobile Device Enrollment
  • Do Not Allow Any BYOD Devices on the Network That Don't Meet Technical/Configuration Requirements or Where the Employees Haven't Yet Signed the BYOD Contract/Policy
  • Limit the Number of Devices a User Can Concurrently Enroll in the Program
  • Encrypt Organizational Data on Mobile Devices
  • Invest in Technology and/or Services to Support the BYOD Program
  • Remove Aged and Nonessential Data From Devices
  • Performing a Factory Reset, at Minimum, to Wipe a Device Is Prudent in Many Situations, Even With User-Owned Devices

Recommended Reading

©2020 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner’s prior written permission. It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity.

Already have a Gartner Account?

Purchase this Document

To purchase this document, you will need to register or sign in above

Become a client

Learn how to access this content as a Gartner client.