Mobile Application Testing
Everyone has a smart phone or tablet, many organisations are producing mobile applications either for their staff or clients. It is vital that these handle and use data in a secure and sensible fashion. As well as the risk of these devices being used over the internet these devices are at a high risk of being stolen. CNS will evaluate the security of the application, how does it handle and store data? How does it transmit data? Does it manage sessions properly? CNS will assess the application from both an authenticated and unauthenticated point of view (i.e. an authorised user or someone who has stolen the device).
Mobile Device Testing
Virtually all organisations issue staff with Mobile devices. It makes sense to provide staff with remote access to email and corporate data. However it does mean that corporate data is now outside of the protective perimeter and users are able to operate without supervision. It is critical that these devices are secure, ensuring the users cannot put company data at risk and equally if the device is stolen that corporate data cannot be accessed or abused. CNS will conduct a review of the device from both an authenticated (as if they are the user) and from an unauthenticated point of view (as in someone who has stolen the device). In addition if any mobile management servers (BES, DME etc) are used, CNS will review these.