© 2019 RSM US LLP. All rights reserved.
Mobile Device Penetration Testing
Mobile device penetration testing simulates loss or theft of a mobile device, from a simple attack (like a passcode bypass) to complete compromise.
As mobile devices become essential business tools for on-the-go enterprises, they bring new risks to organizations. For example, attackers could potentially access any data on a stolen cell phone, exposing users and their employers to technology, economic and reputational risks. Any organization using mobile devices needs security controls and processes in place to control vulnerabilities as they would any other devices connected to their network.
During mobile device penetration testing, RSM evaluates the basic security controls in place on a device, such as remote wiping, passcode auto locking, passcode brute force prevention and enforcement. Additionally, we examine the advanced security requirements, such as rooting or jailbreaking preventive controls, secure wireless and virtual private network (VPN) conﬁgurations. We determine the device’s susceptibility to exploitation of known and unknown mobile device threats. Additionally, if a target organization uses a mobile device management (MDM) solution, our professionals try to bypass established controls and requirements.