Social Engineering Testing
People are the weakest link in the day-to-day management of an organization's network security. Our social engineering testing examines the security awareness and best practices of your employees and suppliers.
One of the main reasons credit unions are successful is their staff's willingness to provide top-level member service. Not only do you train your staff to be courteous to members and try to assist them with their needs, you generally hire people that possess these helpful traits by nature.
Criminals recognize this and prey on your staff's willingness to "help."
Depending on your needs, we can offer social engineering testing either remotely or on-site providing an accurate representation of your employees' security awareness.
Types of Testing
Off-site testing includes a wide range of attacks using email and phone calls designed to compromise company policy and access confidential information.
On-site testing includes attempts at gaining physical access to the premises, obtaining records, files, equipment, sensitive information, network access and more. Even though each engagement has unique characteristics, the testing is always conducted in a strictly professional manner.
Social engineering testing provides your institution with regulatory compliance on the following guidelines:
- GLBA – Section III.C.3
- NCUA – IS&T Questionnaire IT – Penetration Test Review, Section 6G.