WHY SHOULD YOUR COMPANY PERFORM SOCIAL ENGINEERING TESTING ?
Social Engineering allows companies to test the response to an active breach and to analyze the effectiveness of the Information Security Awareness of it's employees.
The Skill of Gaining Access To Sensitive Data
Many companies go to great steps to protect their data with access security systems, network security software and yet the weakest link in their network data defenses is their own people. Today’s cyber criminal doesn't need hardware or software technology to hack into your computer systems or network. They take advantage of human behavior and habits to get what they want and need. Social engineering is intrusion techniques that trick unsuspecting employees into breaking company security procedures and giving network access to cyber criminal's and attackers.
During an onsite audit, Trojan Horse Security will use many techniques to gain physical access to obtain computer files, records and/or gain access to equipment that may contain confidential information.
The onsite engagement techniques can include:
Garbage diving obtaining sensitive information and data
“Trusted Authority or Employee's” disguises, such as air conditioning repair, pest control, fire inspector, etc. Other roads used are Employee Impersonation of company departments, HR, IT Department etc.
Email phishing is the most common social engineering technique used. Authorized Users of Sensitive data are tricked in to clicking on links that contain malware or into revealing passwords. Trojan Horse Security's social engineering services, conduct's controlled phishing assessments in order to measure employees Corporate Security & IT security awareness.
Physical Social Engineering
Criminals often take advantage of vulnerabilities in an organization’s physical environment in order to walk directly into an office to get what they want. Generally, the consultant looks and acts as if they belong in the office in order to avoid suspicion. To ensure the security of your physical environment, Trojan Horse Security experts conduct physical social engineering tests in an attempt to access your security measures and identify vulnerabilities.
For all social engineering services,Trojan Horse Security provides detailed results, of the assessment and our recommendations. We also offer a comprehensive discussion of the findings and remediation with your board members.