# Mobile Device and MDM Operations
One-sentence definition: Operate mobile management policies for BYOD and corporate devices, balancing compliance with user privacy.
## Key Facts
- Enforce screen lock, encryption, OS version, app allowlists, jailbreak/root detection.
- Use MAM for corporate data containers; remote wipe corporate data only.
- Conditional access: base access decisions on device compliance signals; use certificate authentication where possible.
- Maintain procedures for lost/stolen devices and ownership changes.
- **Verify:** check official (ISC)² CBK and current exam outline.
## Exam Relevance
- Choose MAM/MDM combos to protect data on mobile endpoints.
**Mnemonic:** “**Manage** device, **mind** privacy.”
## Mini Scenario
Q: A BYOD user refuses a full wipe. How to comply?
A: Corporate-only wipe via MAM; no personal data deletion.
## Revision Checklist
- Two compliance checks.
- Access tie-in.
- Lost device step.
## Related
[[Device Identity and MDM MAM (Compliance)]] · [[Conditional Access Policies (Risk Device Location)]] · [[Zero Trust Network Access (ZTNA)]] · [[Passwordless and FIDO2 WebAuthn]] · [[Domain 7 - Index]]