Social Engineering focussed on information protection

In today's business world intangible assets in the form of data and know-how are of particular importance. These assets are subject to specific risks that humans play a major part in. Information leaks due to insensitive behaviour or careless use of IT systems can cause great damage.

In line with a comprehensive security concept human factors are thus to be included in the assessment.

The respective Social Engineering Assessment can include various aspects: 
  • Requests for confidential information by phone or email
  • Introduction of Trojan Horses (without any harmful functions) via customized emails and file attachments with the objective to infect individual client systems (spear phishing) for showcase purposes
  • Positioning of manipulated data media in the company with the objective to detect access attempts on the data medium (Road Apple)

The activities described in the section "Information Protection" may be combined with an assessment in the section "Access Control".