What is a Stolen Laptop Assessment?
A Lost or Stolen Laptop Assessment is a test to determine how much information can be gained from a mislaid laptop. The result ranges from almost nothing (which would be very unusual) right up to all the information held locally, including the details needed to achieve remote access to a company’s internal infrastructure.
Mobile computing and communications devices, such as laptops, tablets and smartphones, are widely adopted by large organisations and SMEs for their portability, functionality and usability.
If these devices are lost or stolen, it is vital that interception of such a device does not present a risk of data leakage or unauthorised access to corporate network resources.
A Lost or Stolen Laptop Assessment is usually based on a typical user’s laptop bag, including all the information that would typically be in the same bag as the laptop. The scope can be discussed on a review call and is subject to each client’s requirements.
The best test simulates a real-world scenario, rather than analysing a laptop that has been separated from its owner and stripped of its post-it notes, notebooks and anything else that would aid an attacker in trying to gain access to the device itself and onwards to the corporate network.
The following high-level areas are analysed in this assessment:
• Insecure storage or logging of passwords
• Cached or unlocked credentials
• Missing security patches
• Boot process analysis
• Device/disk encryption
• Password brute force attack/weak password policies
• Sensitive data disclosure
• Information leakage
• Local Security Policy Circumvention
Analysis and Exploitation
The assessment commences with analysis of the findings, and attempts are made, where safe and permitted, to exploit any vulnerabilities discovered. If access is gained to the laptop, attempts will be made to access key systems on the internal network.
The assessment is documented in a simple, easily digestible format.