An endpoint device is used regularly to interface with a network and may be a workstation, laptop, smart phone or other mobile device.
Higher levels of interaction warrant a detailed analysis of the device’s security, not just from the perspective of an external threat but also from that of an authorised user.
What can you gain from an end point build review or endpoint device audit from Perspective Risk?
- You can give users the flexibility and access they need to do their work with the confidence that the risk of a compromise through endpoint device is severely reduced
- You gain or maintain your legal, regulatory and contractual compliance through managing the risk of your endpoints
What does an endpoint build review or endpoint device audit involve
Endpoint device audits are largely dependent on the device, but a typical audit includes a physical review of the device itself, a review of BIOS security features and hard disk encryption, a complete audit of the operating system against industry and government security guidelines, as well as its susceptibility to malware and virus infection.
- A comprehensive and thorough analysis of the device configuration, which cannot be performed using Network Penetration Testing alone
- A combination of scenario-based testing, (e.g. stolen laptop/tablet) and traditional auditing methods to assess the security of end point devices – this approach to testing is far more effective than auditing alone and identifies nuances in the configuration of operating systems and installed applications which common auditing techniques can miss
- A full report containing a detailed view of device security posture together with bespoke recommendations for your systems
- A report that includes detailed recommendations such as the exact command syntax for the device and its operating system to address the issues
Why choose Perspective Risk for endpoint build reviews?
- Scenario-based testing is more effective
- We cover all major technologies including Windows, OSX and Linux
- You receive a prioritised report based on key gaps relevant to your organisation
- We assess the effectiveness of device security controls from various threat perspectives
- We verify that data on lost and stolen devices cannot be recovered
- You can benchmark device configurations against industry and government standard practices