• The app must record a log entry when there is a failed attempt to improperly transfer data from one persona to another. Transferring data between domains exposes the data to both accidental compromise and physical attack. An unauthorized user could gain access to the OS or app through one of the domains. Similarly, sensitive data conveyed to a less-secure domain holds the potential to cause data exposure. Adding controls that prevent the transfer of data between security domains mitigates a number of IA risks. Furthermore, logging all failed attempts to transfer data between security domains enables the user and administrator to identify when there has likely been a security breach and take appropriate incident response measures