Laptop Security Assessment

Today many organizations manage to provide portable devices such as laptop/notebook to their employees to work remotely from anywhere. However, in the recent media reports, data theft has taken high amount of consideration when focusing under unsecure portable devices. Usually these devices carry highly confidential data relevant to their organization, which if lost, can result into significant negative impact on corporate image. While losing the data held on the laptop it also gives an attacker a remote access to the corporate network.

Cipher Storm assesses the security of a laptop by identifying the risks associated towards standard build and how this could be advantageous for the malicious adversary. For instance, in case of stolen laptop, VPN Log can provide enough information about the internal network. Initially, Cipher Storm will try to evade the protection mechanisms bypassing boot encryption and the other security methods like Windows/Linux authentication. Our consultant, using their knowledge analyze and evaluate the critical data resides in the laptop to help further attack against an organization. In the end, the final report will detail the findings to understand the risks these devices are exposed to and the methods or procedures for securing them.

End-User Security Awareness (CS-EUSA)