In any organization, the weakest link in the security chain is often the level of security awareness of the people who work there.
Commonplace, poor security practices are the result of employee workarounds developed to address problems during the workday: employees forget passwords, so they write them down where others can see them; employees allow unauthorized others to “tailgate” through secure facility doors; employees divulge information and make bad decisions due to lack of security knowledge.
Criminals and malefactors know this, and exploit these tendencies to great success. Ingalls Information Security provides services that expose an organization’s employees to scenarios that test their ability to successfully respond to social engineering attacks. Additionally, our information security services provides training that raises employee awareness of social engineering activities as well as the proper procedures to defeat them.
You’ve seen it a million times. Every day, news reports speak of identity theft that has occurred because of account information being stolen through email scams. Our internet security company can mimic these scams to test your organization’s level of defense against such threats.
We will send your employees bogus emails; we can test your email filters and we can identify any employees who clicks on either email attachments or links in the email body. We can also attempt to gain user account credentials during the phishing campaign that can then we used as part of a vulnerability analysis.
It doesn’t begin and end with an email. Our staff has years of experience talking people into giving up sensitive information over the phone. We also have professionals on staff who will physically go to your facilities and try to gain access to restricted areas.
We will custom-design a physical social engineering scenario that is appropriate for your environment (phone guy, pest inspector, etc.) and then attempt to execute an infiltration.
If your organization occupies a large building and uses swipe cards to gain access, how many people will helpfully hold the door open for someone carrying way too many boxes? Wouldn’t you? People are naturally inclined to be helpful and an attacker will exploit that tendency.
Combine a social engineering test with a follow-up employee training session. Employees are the weakest link in your security posture and we will test and train them to be more aware.
Download the Phishing datasheet and Vishing datasheet to learn more.
We are committed to preventing and responding to data security breaches. We have the most dedicated and qualified analyst in the cyber industry and can identify areas that you should focus on to enhance your level of security and awareness.