Final answer:
To protect employee-owned mobile devices under a new security policy, companies should implement two-factor authentication, stronger passwords, and provide education on avoiding scams. Additional technologies like remote wiping, encryption, and mobile device management systems can enforce security policies and manage threats.
Step-by-step explanation:
To meet the goal of protecting employee-owned mobile devices in the event they are lost or stolen, a company can implement several additional security controls. Enhanced security measures should include two-factor authentication, which adds an extra layer of verification beyond just a password. Mandating stronger passwords helps to prevent unauthorized access. It is also essential for employees to receive ongoing education on how to avoid scams and maintain good security hygiene. This education could cover how to recognize phishing attempts and the importance of not sharing sensitive information on unsecured networks.
Technological solutions such as remote wiping capability would allow companies to erase sensitive data if a device is compromised. Encryption of data stored on the devices mitigates the risk of data being accessed if a device is lost or stolen. Additionally, regular software updates should be enforced to protect against the latest security threats.
Companies should also consider the implementation of mobile device management (MDM) systems that can enforce these policies across all registered devices. These systems can manage the installation of necessary software, enforce security policies, and even locate or lock lost devices.