
This week I have been in Germany teaching a couple of my Social Networking Security classes. Thanks very much to everyone who attended. I was recently on-site and managed to take a shot of this lady cleaning an office. In my opinion this is exactly the type of person who is perfectly placed to undertake industrial espionage. Think about it: she has unsupervised physical access, so she could easily plant bugging devices or key loggers, and you would be none the wiser until it was too late.

Remember, Social Engineering is not just about shoulder surfing, eavesdropping or tailgating. Social engineering is the art of obtaining as much information as possible from you and your organization, information which can then be used for criminal purposes. In order to protect against these types of attack you can:

  1. Conduct a Classification and Impact Analysis
  2. Identify Baseline Controls (High, Medium & Low)
  3. Human Resources: Adopt & Follow Clear Guidelines!
  4. Ensure you adopt a Security Awareness Programme & Usage Policy
  5. Access Control: Establish Clear Internal & External Guidelines
  6. Administrator Responsibilities
  7. Secure Workstations / Laptops / Software etc.
  8. Network Security: Firewalls, IDS, IPS etc.
  9. Establish Clear Remote Access Guidelines
  10. Conduct Regular Backups
  11. Social Engineering: Be Aware of the Dangers
  12. Establish Clear Audit Trails & Monitoring
  13. Security Implementation: Timings etc.
  14. Audit…Audit & Audit!!!!
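Item 12 (audit trails and monitoring) is the control that would actually catch the scenario in the photo: a key logger planted after hours shows up in a workstation's logs as a new keyboard-class USB device being registered at a time when nobody should be at that desk. The script below is an added example written for this post, not code from the original article; it parses a few constructed Linux kernel syslog lines (the format of the "input:" messages is real, the hosts, device names and times are made up), and flags keyboard registrations that fall outside assumed office hours or that do not match a per-host baseline of approved keyboards. The office hours and the baseline are assumptions you would replace with your own.

```python
import re
from datetime import datetime, time

# Constructed sample syslog lines (not from the original post), in the style of
# Linux kernel USB / input-subsystem messages. Year is assumed to be 2010.
SAMPLE_LOG = """\
Jan 28 09:02:11 ws-fin-07 kernel: usb 1-1: new low-speed USB device number 4 using xhci_hcd
Jan 28 09:02:11 ws-fin-07 kernel: input: Logitech USB Keyboard as /devices/pci0000:00/usb1/1-1/1-1:1.0/input/input5
Jan 28 19:41:03 ws-fin-07 kernel: usb 1-2: new low-speed USB device number 5 using xhci_hcd
Jan 28 19:41:03 ws-fin-07 kernel: input: Generic USB Keyboard as /devices/pci0000:00/usb1/1-2/1-2:1.0/input/input6
Jan 28 19:41:04 ws-fin-07 kernel: input: Logitech USB Keyboard as /devices/pci0000:00/usb1/1-2/1-2.1:1.0/input/input7
"""

# Assumed office hours: anything outside this window is worth a second look.
BUSINESS_HOURS = (time(8, 0), time(18, 0))

# Assumed baseline: the keyboard models approved for each workstation.
APPROVED_KEYBOARDS = {
    "ws-fin-07": {"Logitech USB Keyboard"},
}

# Matches only the "input: <name> as <sysfs path>" registration lines.
LINE_RE = re.compile(
    r"^(?P<mon>[A-Z][a-z]{2}) +(?P<day>\d{1,2}) (?P<hms>\d\d:\d\d:\d\d) "
    r"(?P<host>\S+) kernel: input: (?P<name>.+?) as (?P<path>\S+)$"
)


def parse_input_events(log_text, year=2010):
    """Return a list of input-device registration events from syslog text."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not an input registration line; ignore
        ts = datetime.strptime(
            f"{year} {m['mon']} {m['day']} {m['hms']}", "%Y %b %d %H:%M:%S"
        )
        events.append(
            {"time": ts, "host": m["host"], "name": m["name"], "path": m["path"]}
        )
    return events


def flag_keyboard_events(events, hours=BUSINESS_HOURS, baseline=APPROVED_KEYBOARDS):
    """Flag keyboard registrations that are out of hours or not on the baseline.

    Returns a list of (timestamp, host, device name, [reasons]) tuples.
    """
    alerts = []
    for ev in events:
        if "keyboard" not in ev["name"].lower():
            continue  # only keyboard-class devices are of interest here
        reasons = []
        t = ev["time"].time()
        if not (hours[0] <= t < hours[1]):
            reasons.append("out-of-hours")
        if ev["name"] not in baseline.get(ev["host"], set()):
            reasons.append("unknown device")
        if reasons:
            alerts.append(
                (ev["time"].strftime("%Y-%m-%d %H:%M:%S"), ev["host"], ev["name"], reasons)
            )
    return alerts


if __name__ == "__main__":
    for ts, host, name, reasons in flag_keyboard_events(parse_input_events(SAMPLE_LOG)):
        print(f"{ts} {host}: '{name}' flagged ({', '.join(reasons)})")
```

Run against the constructed log, the 09:02 registration of the approved keyboard is silent, while the two 19:41 events are flagged: the unknown "Generic USB Keyboard" on both counts, and the approved Logitech re-appearing at a new sysfs path out of hours. The second alert is the interesting one in practice: a device that re-enumerates behind something new while the office is empty deserves a physical check of the desk, which is the sort of follow-up the "Audit…Audit & Audit" item is about.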