The latest technology to detect and prevent attackers is only as good as the people trained in your organization. The weakest security link is often people. An attacker might talk his way into getting information over the phone or even fake an email to get more information. Social Engineering is attacking people, not technology. This testing can vary and will be thoroughly discussed with the clients.
- Determine what information someone is able to get from outside your organization.
- Determine what policies are in place to handle suspicious emails and phone calls
- Determine the knowledge employees have to handle phishing attempts
- Protect your organizations privacy by increasing employees knowledge on security