Mobile devices have developed over the years from slow and cumbersome devices to advanced computerized tools, running sophisticated operating systems and are connected to the Internet and to the organization’s network information assets.
The current BYOD (Bring Your Own Device) trend has even increased the usage of these devices as work tools, exposing the organization data to loss, manipulation, falsification and consequently severe reputation damage.
Various studies on the subject put emphasis on maintaining high security level in mobile devices: TrendMicro Aug 2012 research found that 47% of the organizations that allowed employees to use self owned mobile devices to access business data found themselves with a data security problems as a result. In parallel, the level of threats against mobile devices has grown significantly; Mobile security company NQ Mobile discovered no less than 25,140 new malwares in 2013 first quarter targeting smartphones. This figure alone exceeds the total amount of malwares detected in 2011.
IPV Security Mobile Audit is designed to help organizations to manage data security risks in the mobile infrastructure and devices by:
- Automated and manual tests designed to expose vulnerabilities and possible penetration paths to the organizations’ critical assets by using mobile access.
- External and internal security scans of all the mobile environment in order to expose security breaches.
- Full technical mapping of the mobile environment, infrastructure up to the device level.
- Black box penetration attempts to the mobile devices (stolen device simulation).
- White box technical implementation audit of the organization’s mobile policy.
- Ability to disable, bypass or uninstall the MDM system client in the mobile device.
- Mobile device hack attempts using the Bluetooth channel.
This audit is performed by IPV Security’s experts using a combination of the most advanced technology tools and under the frameworks of our unique innovative holistic methodology.
The audit outcome is a report which includes a detailed status analysis, mobile environment exposure level analysis relative to the organizational critical business assets from various types of threat sources. The report also includes specific and prioritized technical conclusions and recommendations to reduce these threats.