| Ensuring that you have adequate network protection is | | | | for access to "their" email account, which is generally |
| vital, but protecting your system from hackers who | | | | that of a system administrator. Once they have |
| use social engineering to get inside should also be a | | | | access to this account, they can issue credible |
| priority. Even the best employee may create system | | | | commands to gain further access to and control over |
| vulnerabilities if they aren't aware of the threat, and | | | | your business' systems. |
| companies often overlook this hacking angle. | | | | No one wants to think that getting access to their |
| Hackers can be smooth operators. They may call | | | | company's system could be so easy, but it can and |
| looking for advice, offering flattery in the attempt to | | | | does happen. Using these tricks to gain access to |
| gain your employees' trust. They use this connection to | | | | business networks is actually quite common. The key |
| talk their way into getting information about the | | | | to limiting this risk is comprehensive training for your |
| security your company has in place and the programs | | | | employees so they learn to see through the hackers' |
| you run. They may also prey on your employee's | | | | ploys. |
| confidence in the network in order to gain specific | | | | How can you help limit the risk of these threats |
| details and shortcomings about your system | | | | compromising your security? |
| operations. By using social engineering to obtain even | | | | * Educate your employees about how hackers utilize |
| small amounts of information about how your system | | | | social engineering in order to obtain access to a |
| operates and what programs you use, the hackers | | | | system. Your employees cannot fight this problem if |
| can run software on their end that will not only give | | | | they don't know it exists. |
| them greater detail on your system, it can show them | | | | * Decide what information about your system is too |
| how to get inside. | | | | risky to make public, and train your employees not to |
| Suavely manipulating an individual isn't the only social | | | | release this data. |
| engineering method hackers use. Some hackers are | | | | * Formalize procedures for obtaining and changing |
| far more direct. It's hard to believe, but they may | | | | passwords and access to email accounts. If you can |
| directly call a business and impersonate an authority in | | | | ensure that no outside party is gaining passwords, |
| the company. Employees can be easily swayed by a | | | | you've thwarted one major hacker tool. |
| person issuing a direct request in an authoritative tone. | | | | Your company cannot fight this problem if it isn't |
| Employees have been known to do what the hacker | | | | aware of it, but once your employees understand the |
| says because they believe they are being asked on | | | | risks they'll be in a better position to fight it. Training |
| behalf of the company. They may change passwords | | | | your employees is a small step that will net large |
| or issue new ones, allowing the hacker access to your | | | | results in limiting your business' vulnerability. |
| system. The hacker may start small and simply ask | | | | |