- What work and personal devices do staff use to accomplish their work, store work related files, or engage in work communications?
- What organizational and external/personal services do staff use to accomplish their work, store work related files, or engage in work communications?
- What organizational processes do staff take part in, and which tools and communication channels are used in those processes?
- What existing formal and informal security practices do the participants use to address risks?
- Treat device assessment data, and any additional service information learned along the way, as highly sensitive.
- Basic systems administration experience for common operating systems
- List of all assets in the organization and whom they belong to.
- List of software running on staff devices.
- List of known vulnerabilities and identifiable malware that the office is exposed to.
- List of malware found by running updated anti-virus on office computers (if anti-virus is installed during the device inspection).
- Guidelines: "Guidelines on Firewalls and Firewall Policy" (NIST 800-41)
- Benchmarks: "Security Configuration Benchmarks" (CIS Security Benchmarks)
- Repository: "National Checklist Program Repository - Prose security checklists" (National Vulnerability Database)
- Security Guidance: "Operating Systems Security Guidance" (NSA)
- Windows Utility: "HardenTools" (Security Without Borders)
- Guide: "How to Teach Humans to Remember Really Complex Passwords" (Wired)
- Guide: "Security on Passwords and User Awareness" (HashTag Security)
- Video: "What’s wrong with your pa$$w0rd?" (TED)
- Article: "Password Security: Why the horse battery staple is not correct" (Diogo Mónica)
- Organization: "Passwords Research" (The CyLab Usable Privacy and Security Laboratory (CUPS))
- Guide: "Hacker Lexicon: What Is Password Hashing?" (Wired)
- Guide: "7 Password Experts on How to Lock Down Your Online Security" (Wired)
- Survey: "Encountering Stronger Password Requirements: User Attitudes and Behaviors" (CUPS)
- Identify what privileges services are running as.
- Identify whether the administrative account is called admin or root.
- Identify whether users log in and install software as admin.
- Checklist: "Firewall Configuration Checklist." (NetSPI)
- Identifying whether a device is using encryption, by OS
- Encryption availability by OS
- Encryption Guides
Privilege Separation Across OS:
Examining Firewalls Across OS:
Identifying Software Versions:
Device Encryption By OS:
Identifying Odd/One-Off Services:
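The privilege-separation and one-off-service checks above are usually done by eye over `ps`, `/etc/passwd` and the auth log. The script below is an added example (not SAFETAG's own tooling) that does the same triage over constructed sample output of `ps -eo user,pid,comm`, a constructed `/etc/passwd` fragment and constructed auth.log lines; the expected-service baseline and the list of daemons that should drop root are assumptions an auditor would tailor to the office being assessed.

```python
"""Triage a process listing, passwd file and auth log for privilege findings.

Added example, not part of the SAFETAG methodology's own code. All sample
input below is constructed for illustration, not captured from a real host.
"""
import re
from collections import defaultdict

# Constructed sample of `ps -eo user,pid,comm` output.
SAMPLE_PS = """\
USER       PID COMMAND
root         1 systemd
root       412 sshd
root       530 cupsd
www-data   601 nginx
root       602 nginx
root       640 mysqld
postgres   655 postgres
alice      910 bash
root       955 python3
alice      972 firefox
"""

# Constructed /etc/passwd fragment: note the second UID-0 account.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
admin:x:0:0:Office Admin:/home/admin:/bin/bash
"""

# Constructed auth.log lines in the Debian/Ubuntu sudo and sshd formats.
SAMPLE_AUTH_LOG = """\
Mar  3 09:12:01 office-pc sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt-get install vlc
Mar  3 09:15:44 office-pc sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt-get update
Mar  3 10:02:10 office-pc sudo:      bob : TTY=pts/1 ; PWD=/tmp ; USER=root ; COMMAND=/bin/sh ./installer.sh
Mar  3 10:30:00 office-pc sshd[412]: Accepted password for root from 10.0.0.7 port 50122 ssh2
"""

# Assumed baseline of services expected on this office's machines.
EXPECTED_SERVICES = {"systemd", "sshd", "cupsd", "nginx", "postgres", "bash", "firefox"}
# Assumed list of daemons that should drop privileges after start-up.
SHOULD_NOT_RUN_AS_ROOT = {"nginx", "mysqld", "apache2", "httpd", "postgres"}

SUDO_RE = re.compile(r"sudo:\s+(\S+)\s+:\s.*?COMMAND=(.+)$")
ROOT_LOGIN_RE = re.compile(r"Accepted \w+ for root from (\S+)")
INSTALL_RE = re.compile(
    r"\b(apt(-get)?|yum|dnf|pip3?|brew)\s+install\b|\bdpkg\s+-i\b|\.sh\b|\bmake\s+install\b"
)


def parse_ps(text):
    """Turn `ps -eo user,pid,comm` output into (user, pid, command) tuples."""
    rows = []
    for line in text.splitlines()[1:]:  # skip the header line
        parts = line.split(None, 2)
        if len(parts) == 3:
            rows.append((parts[0], int(parts[1]), parts[2]))
    return rows


def services_by_user(rows):
    """Which commands run under which account: the 'what privileges' view."""
    users = defaultdict(set)
    for user, _pid, cmd in rows:
        users[user].add(cmd)
    return dict(users)


def over_privileged(rows):
    """Daemons that should drop root but have no non-root instance at all.

    A root master process with unprivileged workers (nginx here) is normal;
    a daemon whose every instance is root has not dropped privileges.
    """
    users_by_cmd = defaultdict(set)
    for user, _pid, cmd in rows:
        users_by_cmd[cmd].add(user)
    return sorted(cmd for cmd, users in users_by_cmd.items()
                  if cmd in SHOULD_NOT_RUN_AS_ROOT and users == {"root"})


def one_off_services(rows):
    """Commands outside the baseline: the auditor asks what each one is for."""
    return sorted({cmd for _u, _p, cmd in rows if cmd not in EXPECTED_SERVICES})


def uid0_accounts(passwd_text):
    """Every UID-0 account is root under another name; more than one is a finding."""
    return [line.split(":")[0] for line in passwd_text.splitlines()
            if line.split(":")[2] == "0"]


def installs_as_admin(log_text):
    """(user, command) pairs where someone installed software through sudo."""
    found = []
    for line in log_text.splitlines():
        m = SUDO_RE.search(line)
        if m and INSTALL_RE.search(m.group(2)):
            found.append((m.group(1), m.group(2)))
    return found


def direct_root_logins(log_text):
    """Source addresses that logged straight in as root over SSH."""
    return [m.group(1) for m in map(ROOT_LOGIN_RE.search, log_text.splitlines()) if m]


if __name__ == "__main__":
    rows = parse_ps(SAMPLE_PS)
    print("services by user:", services_by_user(rows))
    print("never dropped root:", over_privileged(rows))
    print("one-off services:", one_off_services(rows))
    print("UID 0 accounts:", uid0_accounts(SAMPLE_PASSWD))
    print("installs via sudo:", installs_as_admin(SAMPLE_AUTH_LOG))
    print("direct root SSH logins from:", direct_root_logins(SAMPLE_AUTH_LOG))
```

On a live host the same functions take the output of `ps -eo user,pid,comm`, the contents of `/etc/passwd` and `/var/log/auth.log` (or `journalctl _COMM=sudo` on systemd hosts); on macOS and Windows the process listing parses the same way, but the account and log sources differ and the regexes would need adjusting.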
Device and Behaviour Assessment: The auditor checks staff devices for updated systems and software, anti-virus and other security capabilities, and identifies software…
Mobile Device Assessment: The auditor checks for the types of mobile devices in the organization and follows a series of steps depending on the different mobile devices…
A Day in the Life: The auditor checks staff devices for updated systems and software, anti-virus and other security capabilities, and identifies software…
A Night in the Life: The auditor interviews the staff about their practices, personal devices, software and other security capabilities that they use outside of…
Firewire Access to Encrypted/Locked computers: FireWire ports and expansion slots can be abused to obtain data that is thought to be encrypted. Any attacker who obtains a running…
Password Security Survey: Weak and "shared" passwords are prevalent. Even after hundreds of well-publicized global password breaches, "password" and "12345" remain…
Password Strength: This exercise supports the auditor in building an effective dictionary that is customized to an organization. This dictionary can then be…
Guided Tour: During this component an auditor tours the audit location(s) and flags potential risks related to physical access at that location.
Check Browser and Plugin Vulnerabilities: Though modern browsers are better at self-updating, and the prevalence of powerful plugins like Flash and Java is slowly declining, it is…
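The Password Strength exercise above builds a dictionary customized to the organization. The script below is an added example (not the exercise's own tooling) of how such a dictionary is generated: seed terms an auditor collects on site (organization name, city, mission words) are mangled with case changes, leetspeak substitutions, common suffixes and years, and candidate passwords are then checked against the result. The seed terms, year range and suffix list are constructed assumptions for a fictional organization.

```python
"""Build an organization-specific password dictionary and check passwords against it.

Added example, not part of the SAFETAG exercise's own code. ORG_TERMS, YEARS
and SUFFIXES are constructed assumptions an auditor would replace on site.
"""
import itertools

# Constructed seed terms for a fictional organization.
ORG_TERMS = ["Acme", "Lagos", "Rights", "Freedom"]
# Assumed range of years staff are likely to append.
YEARS = range(2015, 2026)
# Assumed common suffixes seen in weak passwords.
SUFFIXES = ["", "!", "1", "123", "!1", "2024"]
# Leetspeak substitutions applied to lower-case letters only.
LEET = str.maketrans({"a": "@", "e": "3", "i": "1", "o": "0", "s": "$"})


def case_variants(word):
    """lower, Capitalized and UPPER forms of one seed term."""
    return {word.lower(), word.capitalize(), word.upper()}


def mangle(word):
    """Case variants of a term plus their leetspeak forms."""
    variants = set()
    for v in case_variants(word):
        variants.add(v)
        variants.add(v.translate(LEET))
    return variants


def build_dictionary(terms, years=YEARS, suffixes=SUFFIXES):
    """Return the set of candidate passwords derived from the seed terms."""
    base = set()
    for term in terms:
        base |= mangle(term)
    # Two-term combinations such as "acmelagos" / "AcmeLagos".
    for a, b in itertools.permutations(terms, 2):
        base.add(a.lower() + b.lower())
        base.add(a.capitalize() + b.capitalize())
    words = set()
    for w in base:
        for s in suffixes:
            words.add(w + s)
        for y in years:
            words.add(f"{w}{y}")          # Acme2024
            words.add(f"{w}{str(y)[2:]}")  # Acme24
            words.add(f"{w}{y}!")         # Acme2024!
    return words


def check_password(password, dictionary):
    """True when the password is in the dictionary, ignoring case on the comparison."""
    if password in dictionary:
        return True
    lowered = {w.lower() for w in dictionary}
    return password.lower() in lowered


if __name__ == "__main__":
    d = build_dictionary(ORG_TERMS)
    print(f"{len(d)} candidates generated from {len(ORG_TERMS)} seed terms")
    for pw in ["Acme2024!", "L@g0$24", "acmelagos123", "correct horse battery staple"]:
        print(f"{pw!r}: {'WEAK (in org dictionary)' if check_password(pw, d) else 'not in dictionary'}")
```

The output of `build_dictionary` can be written one word per line and fed to any offline password-auditing tool the organization consents to; the point of the exercise is that generic wordlists miss exactly the organization-specific terms this generator produces.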