Social Engineering & Physical Security
As a business owner, your greatest assets are your employees. Unfortunately, human error can often be a hindrance to data security. The best security mechanism can be undermined by poor staff practices including leaving the door to a secure area propped open or divulging private information to a stranger.
Education and ongoing security awareness programs are the means to address this problem, but many organizations find it difficult to justify such expenditures. SystemExperts’s Assessment of Non-IT Security Controls service systematically tests the effectiveness of your controls, providing you with an easy to understand report card.
There are two types of assessments that we are often asked to perform: a Social Engineering Assessment or a Physical Site Assessment.
Social Engineering Assessment
- Corporate Identity Social Footprint – research publicly available information to discover names, titles, email addresses of employees and corporate information to be used in targeted social engineering attempts
- Vishing – attempt voice phishing social engineering calls against targeted employees
- Spear Phishing – perform email social engineering exercises against targeted employees
- Shadowing – follow employees to attempt to enter unauthorized areas
Physical Site Assessment
- Cameras & Alarms – ensure surveillance and alarm systems are properly placed to detect intruders
- Sensitive Areas – inspect areas containing valuable property and information to ensure they are properly identified and protected
- Information Disposal – look for company information which may have been improperly disposed of
- Access & Entrance Points – investigate points of entry that could be exploited
SystemExperts aims to bridge the gap between IT security and actual security practices by training your employees in security breach prevention and awareness techniques.
Learn more about our Social Engineering & Physical Site Assessment services
Contact SystemExperts to learn more about our social engineering services and physical security assessments.