Mobile and Wireless Security Review
OVERVIEW
This review includes mobile devices, operating systems, applications, security controls and processes. Smartphones, tablets, laptops and wireless systems including WiFI, RFID, identity cards, smartcards and payments cards are within scope for this type of security review.
Mobile and wireless technologies can be configured incorrectly and are easily compromised. This type of review provides you with a report that identifies the real risks and provides mitigations for these risks.
We recommend a mobile and wireless security review before and during deployment of mobile and wireless devices, and a short review whenever they are upgraded or changed.
SERVICES
Network and infrastructure:
- Design and architecture review
- Full network scanning - establish existing wireless “footprint”
- Password security and authentication
- Wireless infrastructure security (corporate versus guest versus public)
- Network segregation and what other data can be viewed from the wireless LAN
- Security implications of mobile devices, operating systems, applications, monitoring systems and security controls and processes
- Firewalls/VLAN, and malicious code (AV) controls
- Intrusion detection testing
- Rogue access point detection
- Encryption levels - Is data encrypted, what type of encryption?
- Physical device deployment - device locations, can they be physically compromised?
Handheld mobile review includes:
- Mobile application review
- Synchronisation authentication including log-on and digital certificates
- On-device security and encryption
- Remote disable and wipe
- Software application security (iPhone and Android custom built applications)
- Patch management
- Server and transport layers (telco links, testing includes both fixed and wireless)
- Management control processes and policies
TIMEFRAME
A typical review takes 2-5 days depending on complexity, device numbers (OS dependant) and network typology.
Department of Internal Affairs (Marketplace 2021, All of Government Certified Services & Common Capability ICT 2017) ICT-SRS Panel Provider
- Information Security Risk Management and Assessment
Primary
- Information Security Governance and Strategy
Primary
- Information Security Assurance
Primary
- Source Code and Application Review and Technical Testing
Primary
- ICT Forensics, Investigation and Security Incident Response
Primary
MORE INFORMATION
Get in touch for more information about how we can help.
^ BACK TO TOP