In the late 90s, I was part of a team doing an assessment of a web site at a government facility. We stopped at the guard station and simply told the guard that we were going to building x to see Mr. Y. He said fine and we arrived at the building. The front door was unlocked and the door to the computer room was propped open. It was the same as when I was there two weeks previously.
I don't recall our interaction with any staff that were present. We finished our review and went back to the office where I drafted a letter concerning our findings. Sent the letter to the head of the agency. Soon, we were notified that the server we had reviewed had been moved to another location. We were asked to visit it at its new home. We did so and the security environment was much improved. We later heard that the first, very insecure facility had been closed.
Social Engineering: The Fine Art of BS, Face to Face (Includes Video)
A confrontation with a facilities manager demonstrates social engineers' complete comfort dealing with (and manipulating) conflict.
» View Article
In the late 90s, I was part of a team doing an assessment of a web site at a government facility. We stopped at the guard station and simply told the guard that we were going to building x to see Mr. Y. He said fine and we arrived at the building. The front door was unlocked and the door to the computer room was propped open. It was the same as when I was there two weeks previously.
I don't recall our interaction with any staff that were present. We finished our review and went back to the office where I drafted a letter concerning our findings. Sent the letter to the head of the agency. Soon, we were notified that the server we had reviewed had been moved to another location. We were asked to visit it at its new home. We did so and the security environment was much improved. We later heard that the first, very insecure facility had been closed.
Dirty Tricks: Social Engineers' Favorite Pickup Lines
Tabletop Exercises: 3 Sample Scenarios
19 Ways to Build Physical Security Into Your Data Center
Get instant notifications when whitepapers, webcasts and case studies are added to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
» More blogs
CSO Perspectives
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
Trend Micro ranked #1 against real-world malware. Read more.
64-page prescriptive guide to security, compliance, and IT operations.
Removing Barriers To Better Server Virtualization Efficiency
Mining for Gold: Cybercrime Prevention and the Role of Log Management
The Executive Guide to Data Loss Prevention
Organizations can spend up to 50% more on compliance efforts than necessary.
White Paper: A Security Blueprint Delivered From within the Network
Read the RSA report: Security for Business Innovation
Upgrading to VMware vSphere with vWire
Explore the increasing importance of log management as cybercrime threats grow.
The Tripwire HIPAA Solution: Meeting the Security Standards Set Forth in Section 164
Implementing Best Practices for Web 2.0 Security
Five Ways to Reduce Your IT Audit Burden
THE IDG NETWORK