IT SECURITY TESTING & ADVISORY SERVICES

Mobile and Wireless Security Review

OVERVIEW

This review includes mobile devices, operating systems, applications, security controls and processes. Smartphones, tablets, laptops and wireless systems including WiFI, RFID, identity cards, smartcards and payments cards are within scope for this type of security review.

Mobile and wireless technologies can be configured incorrectly and are easily compromised. This type of review provides you with a report that identifies the real risks and provides mitigations for these risks.

We recommend a mobile and wireless security review before and during deployment of mobile and wireless devices, and a short review whenever they are upgraded or changed.

SERVICES

Network and infrastructure:

  • Design and architecture review
  • Full network scanning - establish existing wireless “footprint”
  • Password security and authentication
  • Wireless infrastructure security (corporate versus guest versus public)
  • Network segregation and what other data can be viewed from the wireless LAN
  • Security implications of mobile devices, operating systems, applications, monitoring systems and security controls and processes
  • Firewalls/VLAN, and malicious code (AV) controls
  • Intrusion detection testing
  • Rogue access point detection
  • Encryption levels - Is data encrypted, what type of encryption?
  • Physical device deployment - device locations, can they be physically compromised?

Handheld mobile review includes:

  • Mobile application review
  • Synchronisation authentication including log-on and digital certificates
  • On-device security and encryption
  • Remote disable and wipe
  • Software application security (iPhone and Android custom built applications)
  • Patch management
  • Server and transport layers (telco links, testing includes both fixed and wireless)
  • Management control processes and policies

TIMEFRAME

A typical review takes 2-5 days depending on complexity, device numbers (OS dependant) and network typology.

Department of Internal Affairs (All of Government Certified Services & Common Capability ICT): ICT-SRS Panel (CCPSA-SRS)

  • Information Security Risk Management and Assessment Primary
  • Information Security Governance and Strategy Primary
  • Information Security Assurance Primary
  • Source Code and Application Review and Technical Testing Primary
  • ICT Forensics, Investigation and Security Incident Response Primary

MORE INFORMATION

Get in touch for more information about how we can help.

^ BACK TO TOP
HOME | SERVICES | ABOUT US| CONTACT US
Copyright 2017 - Lateral Security (IT) Services Limited