SureCloud logo
Request a demo Contact us Resources

SureCloud provide an array of device assessment services, ranging from workstation and server build reviews, mobile device management and device policy configuration reviews, and off-the-shelf device configuration reviews. Each of these are tailored to specific organisation requirements, such as CIS standards, PCI DSS compliance, and any risks that the organisational has raised as part of a risk-registry programme.

The build reviews provide assurance for the current state of these devices, or for any prospective deployments as part of the security life-cycle, with an aim of identifying and highlighting the potential impact if an authorised or unauthorised user gains access. For example, a device that has been lost, stolen, or accessed by an authorised user with malicious intent (in the case of an insider attack) would all be scenarios where unauthorised access to locally stored data, and/or the ability to escalate privileges would pose a serious threat to an organisations security posture.

A full security audit is performed against the scoped device, with testing undertaken to identity areas where remediation is required, such as where hardening of the build process can be improved. Some of the areas where specific focus is spent includes where local storage of the device may be unencrypted, or where encryption has been implemented but may not meet the required standard for secure encryption technologies. Along with this there may be known security vulnerabilities that are present through missing security updates, or where further configuration is required to utilise the capabilities of the software.

Penetration testing is also undertaken against each of the devices within the security context of a ‘standard’ user account with the aim of identifying any opportunities for privilege escalation, that is can the standard user break out of the security restrictions imposed upon them to  perform unintended actions, for example unauthorised access to sensitive data, or the ability to perform system level tasks associated with high privilege administrator or root accounts.

SureCloud provide the output of these reviews with commentary on the current state of the systems, along with technical details on recreating any of the discovered issues and detailed information for remediating these issues going forward.

60

of organizations say their current cyber defences are not enough

46

of organizations have experienced at least one cybersecurity breach or attack in the past 12 months

16

of US companies admitted that they have ignored a critical security flaw, citing a lack of necessary skills

Loved by companies around the world

Resources for Build Review Assessment Services

18 Jun
  • News

SureCloud Changing The Landscape Of Penetration Testing

SureCloud exhibited and sponsored at InfoSecurity Europe’s 2018 event during the 5th-7th of June.  At the event, …

Read more
  • Case Study
Chelmsford City Council Choose SureCloud Cyber Security Solutions

Chelmsford City Council – Customer Case Study

Discover how Chelmsford City Council manages it’s compliance obligations with SureCloud’s Cyber Security Solutions The SureCloud …

Read more
4 Oct
  • News

SureCloud returns to BBC’s Rip Off Britain

SureCloud Cybersecurity Practice Director Luke Potter was featured on the BBC’s Rip Off Britain programme (Series …

Read more

Get Started with SureCloud