SERVICE OVERVIEW
LMG Security will perform a security checkup of your organization’s VDI environment with emphasis on key vulnerability points:
- Virtual Desktops
- Disks
- File Servers
- Endpoint devices used for access
LMG Security uses a cross-platform checkup methodology, so regardless of whether you use AWS workspaces, Citrix, Azure, etc., LMG has you covered. The goal of this checkup is to evaluate the overall security health of your VDI environment.
LMG will evaluate:
- Authentication and Authorization Security
- Quality of Service
- Business Continuity and Scaling
- Encryption
- Antivirus and Endpoint Protection
- Administrative controls
- Backup procedures and retentions (and IR readiness)
- VDI infrastructure architecture (high level)
- Disk Encryption
- File Server Weaknesses
- SIEM alerting and notification policies related to VDI
- DLP coverage for VDI
- Policies / Procedures relating to the VDI environment
- Technical Remote Access Requirements
You will receive specific recommendations for reducing the security risks identified in your VDI environment.
This checkup can include:
- Technical testing of key components of the VDI environment
- Sandboxed VDI breakout testing on production VDI image
- Privilege escalation attempts in VDI environment
- Interviews with security staff responsible for managing the VDI environment
DELIVERABLES:
A checkup report which includes:
- Executive summary
- Top risks
- Recommendations
- Remediation matrix
- Detailed technical and non-technical findings
- A Letter of Attestation that provides a high-level description of project scope, methodology, and findings, suitable for release to third parties (upon request).