• xThreat Vector: Information Disclosure
IDNameImplementation GroupsThreats
2Inventory and Control of Software Assets   STRIDE-LM
2.3Address Unauthorized SoftwareSTRIDE-LM
3Data Protection   STRIDE-LM
3.3Configure Data Access Control ListsSTRIDE-LM
3.5Securely Dispose of DataSTRIDE-LM
3.6Encrypt Data on End-User DevicesSTRIDE-LM
3.9Encrypt Data on Removable Media STRIDE-LM
3.10Encrypt Sensitive Data in Transit STRIDE-LM
3.11Encrypt Sensitive Data at Rest STRIDE-LM
3.12Segment Data Processing and Storage Based on Sensitivity STRIDE-LM
3.13Deploy a Data Loss Prevention Solution  STRIDE-LM
3.14Log Sensitive Data Access  STRIDE-LM
4Secure Configuration of Enterprise Assets and Software   STRIDE-LM
4.10Enforce Automatic Device Lockout on Portable End-User Devices STRIDE-LM
4.11Enforce Remote Wipe Capability on Portable End-User Devices STRIDE-LM
4.12Separate Enterprise Workspaces on Mobile End-User Devices  STRIDE-LM
15Service Provider Management   STRIDE-LM
15.7Securely Decommission Service Providers  STRIDE-LM