Obtain an accurate understanding of your security and risk posture, while ensuring compliance with industry regulators and information security best practices.
The goal of this assessment is to identify potential holes in your organization's security posture when it comes to mobile technology.
Praetorian has developed a technology agnostic approach that emphasizes organizational polices, processes, and technical capabilities as a means to enumerate the total risk for the company. Our consultants will examine internal documentation and diagrams that relate to the implementation of the infrastructure, employed mobile technologies, and user knowledge. These documents include security policies that discuss wireless security as well acceptable behavior and usage policies. In addition, technical controls, such as access and authorization, will be reviewed. The organization should provide the pertinent infrastructure details and documents that describe the following:
After examining this documentation, Praetorian will visit onsite to perform interviews and discuss potential concerns and threats that the organization might face. The first goal of these tasks is to build an operational snapshot of the organization. The interviews will be focused on organizational practices and procedures, and these interviews will be conducted with key stakeholders in the organization in areas such as infrastructure, network services and applications, along with the teams responsible for managing the mobile technologies. As part of this process, we will also work with the organization's staff to develop a number of abuse cases and threats that they feel affect their data, infrastructure, and overall operational security. These cases will capture the most probable threats, and it will work to establish an initial set of operating parameters for Praetorian and the organization. This threat model will highlight not just the threats and vulnerabilities, but it will also take into account the organization's current technology and point out potential remediation's that can be enacted with these technologies.