Network security – A Detailed Guide
Work in a professional environment where you are
responsible, at least in part, for network security.
You have firewalls, viruses, and spyware, and all your computers are up to date
with security solutions. You sit there and think about the good work you've
done to make sure they don't get hacked.
As most people think, it has taken the most important step
towards a secure network. This is part of the truth. What about the other
factors?
Have you ever thought about attacking a social engineer? And
the users who access your network daily? Are you ready to face the attacks of
these people?
This problem especially occurs in an environment where the
phone password has been reset by the support server. Nothing prevents people
from wanting to join your network, calling their panel, pretending to be an
employee, and asking for a password reset. Most organizations use the system to
create user accounts, so it's not hard to find them.
Before resetting your password, your organization must have
strict guidelines to verify the user's identity. One simple thing is to let the
user personally go to the information point. Another method that works well if
your offices are geographically remote is to identify an office contact that
you can call to reset your password. Thus, anyone working at the point of
inquiry can recognize that person's voice and know what is being said.
Why would an attacker come to his office or seek support?
Simple, this is usually the path of least resistance. You don't have to spend a lot of time on an electronic system when the physical system is easier to use.
Next time you see a person walking behind you through a door and you do not
recognize it, stop and ask who they are and what they are. If you take action
and you are someone who does not have to be there, you will be leaving most of
the time soon. If the person is present, the name of the person he or she sees
may appear to him or her.
I know you're going to say I'm crazy, right? So think of
Kevin Mitnick. He was always a decorated hacker. The US government thought it
could break the phone and launch a nuclear weapon. Most of his hacking was done
with the help of a social engineer. Whether you have a physical visit to the
offices or are called, you have some of the most important ones to this day. If
you want to know more about Google's name or read the two books you wrote.
I have no reason that people are trying to get rid of such
attacks. I think some network engineers are very proud of
their network for recognizing that they can be easily damaged. Or do people not
think they should be responsible for educating their employees?
Most
organizations do not give their IT departments the power to promote physical
security. This is usually a problem for the building manager or property owner.
However, it can even be trained for its employees; you can prevent network
disruption from physical or social attacks.
Comments
Post a Comment