SANS Assessment of Student Learning Plan (ASLP) Security Awareness Training

Under what condition is it suitable to store work-related information on your mobile device?

• A. If it is for personal use
• B. When authorized by friends or colleagues
• C. Formal approval and a secure configuration
• D. Anytime it seems convenient

The correct answer is: Formal approval and a secure configuration

It is suitable to store work-related information on your mobile device when there is formal approval and a secure configuration in place. This condition ensures that the information is handled in accordance with organizational policies and complies with security protocols necessary to protect sensitive data. Formal approval typically involves validation from a superior or IT department, acknowledging that the storage is appropriate and necessary for work purposes. In addition, having a secure configuration means that the device is set up with security measures like password protection, encryption, and updated software, which helps protect against unauthorized access and data breaches. This approach balances the convenience of accessing work-related information on mobile devices with the essential need for security, reducing the risk of data loss or compromise. The other conditions, such as personal use or authorization by friends and colleagues, do not adequately prioritize security or official protocols, making them unsuitable for storing sensitive work-related information. Additionally, storing information 'anytime it seems convenient' disregards the crucial measures needed to protect data, which could lead to security vulnerabilities.