Device Security Reviews
Laptop and Mobile Device Security Reviews
A security review of a company laptop or mobile device requires a tester to assess the security of the device hardware, operating system, applications and locally stored data for potential vulnerabilities. The ultimate goal of the tester is to see if sensitive data can be accessed locally or externally - typically from the perspective that the device is lost or has been stolen.
Why do you need a laptop/mobile device security review?
Mobile devices such as Android Smart Phones, iPhones, iPads and other tablets, are being increasingly adopted by large organizations and SMEs for their portability, functionality and improving support for existing Internet technologies. If such devices are lost or stolen it is critical that the interception of such a device cannot pose a risk of data leakage or unauthorised access to corporate network resources.
How can we help you?
Company Laptops and Smart Phones can have the same privileged access to business data resources as an enterprise desktop connected to the internal corporate network. Internal security policies often cannot map fully onto mobile devices and therefore such devices can be exposed to risk because of limitations of security management for the mobile platforms. Business laptops and mobile devices typically have trust relationships with the corporate network. As part of our testing methodology we attempt to subvert or elevate any available privileges to gain access to data and services - reporting any entry points or opportunities for further attacks.
ProCheckUp currently offers the following services in this area:
- Android Device Security Review
- iPhone Security Review
- iPad Security Review
- Laptop Security Review (Stolen Laptop Case Study)
As part of the security review our testers provide comprehensive testing of the laptop or mobile device hardware, operating system, applications and locally stored data for security issues related (but not limited) to the following:
- Cached or unlocked credentials
- Weak password policies
- Sensitive data disclosure
- Encryption vulnerabilities
- Information leakage
- Missing security patches
- Local Security Policy Circumvention
Working with a personal account manager and dedicated member of the technical team, we will support and guide your company from initial enquiry stage through to fixing vulnerabilities. You can read more about our processes here.
Contact us to discuss your company's security testing needs.