Human factor is the weakest link in an information system
REMEMBER:
The method is based on the use of the human factor. An intruder gets information by unauthorized access to it, by getting information through simple phone calls or by gaining entry to the organization under the image of an employee.
What is it?
Employees names can be revealed via phone conversations, head officers' names can be found on the company's site or other public sources (reports, adverts, etc.) The strongest weapon here is a pleasant voice and acting abilities of an intruder.
Advantages of the method
The testing process is based on methods, techniques and approaches used in sociology and psychology. They can help create such conditions under which intruders will be effectively led to a desired result. Social engineering is often used to get information which is hidden for members of the general public.
Checking of the level of the staff awareness of internal security regulations
Testing of the information security level
Checking the ability of making competitive intelligence
This kind of attack is actively used with competitive intelligence
Defining the objectives
1
2
3
4
You present the list of the employees towards who we must apply methods of social engineering
1
2
3
4
1
2
3
4
How does it work?
Design and simulation of scenarios
We design attack scenarios and test your staff
Report generation
We describe the process of getting data and provide you with guidelines
Training
We organize and give information security master-classes for your team
Get the audit of your organization
We will analyze your company and design an action plan to rectify vulnerabilities