Social Engineering

Are you protected from susceptibility to Social Engineering?

People are the weakest link in the day-to-day management of your network security. An increasing percentage of all network attacks come from within the organization. Social engineering examines the security awareness and practices of employees and suppliers to determine if they are using best practices.

Digital Defense provides remote and on-site social engineering services.

How it works:

Off-site Social Engineering

Digital Defense recommends semi-annual off-site (remote) Social Engineering to provide an accurate representation of employee security awareness.

Off-site testing includes a wide range of attacks designed to compromise company policy and access confidential information. Each test has a specific purpose and provides important insight into how staff will respond to actual security threats and breaches.

Digital Defense uses numerous methods to obtain classified information and to gain unauthorized access to critical hardware and software.

• Calls to internal staff members and suppliers to assess their security awareness
• Attempt to obtain information a perpetrator could use to gain unauthorized access to network resources or data
• Provides a summary report of the methods employed and weaknesses identified
  • Identify observed security concerns that could allow data compromise
  • Benchmark the effectiveness of controls in relation to similar organizations
  • Suggest remedies

On-site Social Engineering

Digital Defense recommends annual on-site testing. Evaluating more frequently often results in a conditioned response and is cost prohibitive.

On-site testing includes attempts to gain physical access to the premises to obtain records, files, equipment, sensitive information, network access, and more. While each engagement has unique characteristics, all testing is conducted in a strictly professional manner.

Digital Defense performs on-site review of random employee awareness by attempting to acquire information that will permit unauthorized network access.

• "Shoulder surfing"
• Impersonating IT staff
• Persuasion techniques
• Gaining unauthorized or falsely authorized physical access to your facilities
• Provides a summary report of the methods employed and identified weaknesses
  • Identify observed security issues that could contribute to compromise
  • Benchmark the effectiveness of controls in relation to similar organizations
  • Suggest remedies

Key features/benefits:

Social engineering tests provide significant value:

• Identify gaps between corporate security policies and personnel awareness
• Enable corrective action and reduce the risk of a damaging security breach
• Balance security technology and personnel training investment
• Provide a clear view of staff security awareness
• Assess staff training needs
• On-site review reveals necessary physical safeguards to prevent unauthorized facility access

Digital Defense social engineering services provide:

• A summary report of the evaluation results and findings useful for
  • Internal review
  • Planning purposes
  • Regulatory examinations
• Telephone support to assist interpretation of report conclusions

For more information on any of our services, sign up here!

Company First Name Last Name Business Email Phone Area(s) of Interest

Press Releases (View All)

January 8, 2010 Digital Defense Receives Major Vulnerability Scanner Validation From NIST View

Upcoming Webinars (View All)

March 10, 2010 Streamline Vulnerability Management with the Active View

March 18, 2010 Social Networks — Hackers Love Them Too

March 24, 2010 Maximize Threat Analysis with the RRC (Risks, Ratings and Certification)

This site has been optimized for FF2/3 and IE7/IE8. Site functionality may be reduced when utilized with other web browsing software.

© 1999-2010 Digital Defense, Inc. | Toll Free: 888.273.1412 | Home | Contact Us | Privacy Policy | VRT Advisories | Careers