The requirement is to enable the Corporate Security team in a global corporation to perform Full File System acquisitions of current models of IOS (Apple) and Android (Samsung etc.) mobile devices. Analysis is expected to be using Magnet Forensics Axiom. In-scope devices are owned by the company and are managed by use of Microsoft Intune MDM. The MDM allows for remote reset of screen lock PIN, so there should be no need to hack devices if locked.
Verakey (Grayshift / Magnet Forensics) offers a solution based on "Consent-Based Access", also including unlimited number of acquisitions as part of license. Based on physical hardware, no remote acquisition functionality. Does anyone have experience of this solution?
What other solutions are in use by corporate users? What is your experience of these solutions (such as functionality (good or bad), cost, training requirements)?
I really appreciate feedback on this issue! 😀Â
Do you know about Oxygen Corporate Explorer? It also offers full file system extractions of Apple iOS and Android devices as well as data analysis. You can learn more and schedule a demo here.Â