VIRTUAL DESKTOP INFRASTRUCTURE
CLOUD SECURITY CHECKUP

Make sure your VDI environment is secure, including AWS workspaces, Azure, Citrix, etc. LMG will conduct a technical analysis and evaluate VDI infrastructure architecture, authentication security, encryption, endpoint protection, backup procedures, alerting and monitoring, and more.

SERVICE OVERVIEW

LMG Security will perform a security checkup of your organization’s VDI environment with emphasis on key vulnerability points:

  • Virtual Desktops
  • Disks
  • File Servers
  • Endpoint devices used for access

LMG Security uses a cross-platform checkup methodology, so regardless of whether you use AWS workspaces, Citrix, Azure, etc., LMG has you covered. The goal of this checkup is to evaluate the overall security health of your VDI environment.

LMG will evaluate:

  • Authentication and Authorization Security
  • Quality of Service
  • Business Continuity and Scaling
  • Encryption
  • Antivirus and Endpoint Protection
  • Administrative controls
  • Backup procedures and retentions (and IR readiness)
  • VDI infrastructure architecture (high level)
  • Disk Encryption
  • File Server Weaknesses
  • SIEM alerting and notification policies related to VDI
  • DLP coverage for VDI
  • Policies / Procedures relating to the VDI environment
  • Technical Remote Access Requirements

You will receive specific recommendations for reducing the security risks identified in your VDI environment.

This checkup can include:

  • Technical testing of key components of the VDI environment
  • Sandboxed VDI breakout testing on production VDI image
  • Privilege escalation attempts in VDI environment
  • Interviews with security staff responsible for managing the VDI environment

DELIVERABLES:

A checkup report which includes:

  • Executive summary
  • Top risks
  • Recommendations
  • Remediation matrix
  • Detailed technical and non-technical findings
  • A Letter of Attestation that provides a high-level description of project scope, methodology, and findings, suitable for release to third parties (upon request).

To learn more about this service, please contact us.

CONTACT US