An analyst is responding to an incident involving an attack on a company-owned mobile device that was being used by an employee to collect data from clients in the field. Malware was loaded on the device via the installation of a third-party software package. The analyst has baselined the device. Which of the following should the analyst do to BEST mitigate future attacks?

A. Implement MDM.
B. Update the malware catalog.
C. Patch the mobile device's OS.
D. Block third-party applications.