Mobile Device Security

Issues

Mobile devices are more and more compact and powerful; in the modern world we are becoming dependent upon them. Mobile telephones, music players, PDAs, laptops, etc; they are ubiquitous.

In the business world too, they have revolutionised working practice. We carry our information with us and expect to be connected everywhere. However the attributes of compactness functionality, mobility and the fusion of technology bring risk with the benefits:

• their huge storage capacities and compact size allows many Gigabytes of data to be moved in readily concealable devices

• the fact that devices are common place means there is a tendency to be complacent about their use – an MP3 player can play music but can also store large amounts of data

• the value and compactness of laptops and PDAs means they are easily lost and attractive to thieves – many highly publicised incidents involving loss of sensitive data testify to this

• remotely connecting to corporate networks extends the network beyond readily protected boundaries – the use of wireless technology extends this further still

• working on the move entails the risk of eavesdropping on conversations or sight of information on devices

commissum understands the business needs associated with mobile working, and with our expertise in security and risk management we can help you mitigate the risk while reaping the benefits with our pragmatic approach.

Approach

commissum always adopts an independent perspective whether advising on designs and technologies, or assessing the security of existing solutions. Our experienced consultants will provide expert advice and recommendations based on your business context and a totally objective standpoint.

• business case development, addressing the balance between embracing the benefits and mitigating the risk

• developing solution concepts for clients with recommendations on management and technologies

• assessing planned or implemented solutions and advising on improvements for secure working

• recommendations for security architecture or specific technologies

• project security oversight

• testing and audit of existing solutions or devices

As well as assessing overall solutions and architectures, commissum can also provide assurance down to the individual device level – supply our team with a device and we can advise on the level of risk you face in a theft or loss scenario. This not only addresses the protection of data on the device, but also use of this data to access corporate networks and information. Our recommendations will be specifically tailored to your business context and be pragmatic in terms of the usability of technology balanced with mitigating risk.

Customer Benefits

commissum provides expert, objective independent advice that can be relied upon by the Client. This means:

• the advice is vendor/technology agnostic – we will not be trying to sell a solution to you; we will be recommending what best fits your business context and risk profile.

• the recommendations are based upon sound knowledge in the field; both from a technology and industry best practice perspective – you can be confident that your security is central to the advice you receive and embraces knowledge of the security best practice.

• the approach is pragmatic and tailored to your business context, risk appetite and operational needs – you need us to understand that you have legacy systems, limited budgets and need to balance usability with keeping your assets secure; this is where we excel and add considerable value.

commissum will ensure that you are able to confidently embrace the business benefits of the array of mobile devices available today, without unnecessarily exposing corporate assets and increasing your risk profile.

• Penetration Testing
• CREST Testing
• Application Testing
• Enterprise Application Assurance
• Network Vulnerability Assessment
• PCI DSS Testing
• Code Review
• Mobile Device Security
• Wireless Security