Social Engineering: Why Employees Are Your Security

Ed dives into social engineering in his E-Commerce News article this week:

In the enterprise data security chain, human beings often prove to be the weakest link. Using social engineering tactics, thieves can frequently gain secret information about a company’s systems simply by asking. To prevent this, not only must employees be trained, but systems must be changed to reinforce the policies employees have learned.

Imagine this situation: A coworker calls you in a panic. He’s facing a fast-approaching deadline, and you are the only person who can help him succeed in getting some critical task done. This hypothetical coworker explains to you what he’s working on and how it’s critical to the success of the organization in some way; he’s at his wits’ end in trying to accomplish a portion of that task (say, downloading a critical file from an internal file server), and he’s asking you in desperation to help him out. Would you help him?

For the rest of the article, please click here.