Back to all methods

User Device Assessment

Summary

This component allows the auditor to assess the security of the individual devices on the network. This component consists of interviews, surveys, and inspection of devices.

Purpose

Compromised devices have the ability to undermine nearly any other organizational attempt at securing information. Knowing if devices receive basic software and security upgrades and what core protections against unauthorized access exist is vital to designing a strategy to make the host more secure.

Guiding Questions

    • What work and personal devices do staff use to accomplish their work, store work related files, or engage in work communications?
    • What organizational and external/personal services do staff use to accomplish their work, store work related files, or engage in work communications?
    • What are the organizational processes that staff take part in and the tools and communication channels that are used in those process'?
    • What are the existing in/formal security practices that the participants use to address risks.

Operational Security

  • Treat device assessment data as well as any additional service information learned with the utmost security

Preparation

    Baseline Skills

    • Basic systems administration experience for common operating systems

Outputs

    • List of all assets in the organization and whom they belong to.
    • List of software running on staff devices.
    • List of known vulnerabilities, and identifiable malware, that the office is vulnerable to.
    • List of malware found by running updated anti-virus on office computers (if anti-virus installed during device inspection.)

References

Activities