Details
Passwords should be necessary to unlock mobile devices because they will help secure sensitive information stored on the devices in the event of loss or theft.
Rationale:
Allowing users to access devices without passwords means that anyone with physical access to them can view data on the devices.
Solution
To implement the recommended state, execute the following PowerShell cmdlet:
Set-MobileDeviceMailboxPolicy -Identity Default -PasswordEnabled $true
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Windows.