Mobile Device Security Assessment

1. Home
2. Mobile Device Security Assessment

Method

Our methodology is based upon our experience within security testing of mobile devices and is further supported by NIST’s “Guidelines for Managing the Security of Mobile Devices in the Enterprise”. The methodology is specifically made for security analysis and assessment of mobile devices and cover areas such as:

• Mobile Device Management (MDM) including enforcement of configurational restrictions and remote wipe capabilities.
• Authentication and authorization
• Hardening of the operating system
• Application sources and whitelisting of applications
• Application permission handling
• Data Encryption
• Network Configuration
• Data Encryption
• Screen lock and prevention of information leakage

The assessment is performed as a combination of configuration assessment and creative manual test actions.

Involvement:

• The delivery requires minimal involvement of your technical staff.

Value:

• Identify misconfigurations, insecure policies, deviations from best practice and lack of hardening of mobile devices
• Reduce attack surface of the organization
• Recommendations to strengthen the level of security and how hardening can be applied

Product - Written Report Analysis Containing the Following:

• A non-technical section with an Executive Summary for management and decision makers
• A technical section including detailed observations and tangible recommendations to improve the security level and hardening of the device