A security review of a company laptop or mobile device requires a tester to assess the security of the device hardware, operating system, applications and locally stored data for potential vulnerabilities. The ultimate goal is to see if sensitive data can be accessed locally or externally - typically from the perspective that the device is lost or has been stolen.
Why do you need a laptop/mobile device security review?
Mobile devices, are being increasingly adopted by large organisations and SMEs for their portability, functionality, and improving support for existing internet technologies. If such devices are lost or stolen, it is critical that the interception of such a device cannot pose a risk of data leakage or unauthorised access to corporate network resources.
How can we help you?
Company laptops and smart phones can have the same privileged access to business data resources as a desktop connected to the internal corporate network. Internal security policies often cannot map fully onto mobile devices and therefore such devices can be exposed to risk. Business laptops and mobile devices typically have trust relationships with the corporate network. As part of our testing methodology, we attempt to subvert or elevate any available privileges to gain access to data and services - reporting any entry points or opportunities for further attacks.
ProCheckUp currently offers the following services in this area:
- - Android Device Security Review
- - iPhone Security Review
- - iPad Security Review
- - Laptop Security Review (Stolen Laptop Case Study)
As part of the security review, our testers provide comprehensive testing of the laptop or mobile device hardware, operating system, applications, and locally stored data for security issues related (but not limited) to the following:
- - Cached or unlocked credentials
- - Weak password policies
- - Sensitive data disclosure
- - Encryption vulnerabilities
- - Information leakage
- - Missing security patches
- - Local Security Policy Circumvention
Working with a personal account manager and dedicated member of the technical team, we will support and guide your company from initial enquiry stage through to fixing vulnerabilities. You can read more about our processes here.
Contact us to discuss your company's security testing needs.