Are Your Users Immune to Social Engineering?

Firewalls.  Antivirus.  Antispam.  Web Access Gateways.  Intrusion Detection Systems.  Encryption.  Data Loss Prevention. Et cetera.  When it comes to technical controls and countermeasures, we’ve got our stuff together.  We’re IT security professionals.  It’s what we do.

Still, I have yet to see a technical product capable of preventing our end users from sharing credentials with someone impersonating a help desk employee who needs to verify that user’s username and password.

So what can we do to protect our users from social engineering attacks?

Realize that most people just want to be helpful.  That said, the information security team should deploy and maintain a core set of technical controls to protect users from themselves.  Start with this checklist:

  • OS Patch Management
  • Application Patch Management (Adobe, Java, Flash, etc.)
  • Antivirus
  • Host-Based Firewall
  • Web Access Gateway
  • Egress Filtering in the Firewall
  • Appropriate Access Controls (Principle of Least Privilege)

Phishing emails attempt to lure users into visiting websites that host malicious content, or that prompt users for their login credentials.  By implementing the layered controls outlined in the checklist above, you can significantly reduce the likelihood of a successful exploit.

Most importantly however, EDUCATE YOUR USERS.

Annual security awareness training, combined with recurring reminders (e.g., security emails, newsletters, or posters), can go a long way toward determining whether or not a user opens that email or clicks on that link.

Finally, validate your efforts.  Perform social engineering tests throughout the year to gauge the effectiveness of your technical controls and training efforts.
