The strongest cup of coffee I've ever had was at a giant tech enterprise. You would know it if I mentioned the company. Hint, their products are responsible for over 50% of the world's Internet traffic. I think the coffee was so strong because of early shift teams. With days starting at 6:30 in the morning. Typical for a NOC crew. Being groggy is normal before that first cup. It'll be easy to forget important things at home, like your access badge. The early crew will relate to this. Thus the building entrance can be socially exploitable.
Day one working at this enterprise, I'm told to get a few teammates' phone numbers in the case I forget my access badge. So, specific cases do exist where it is appropriate to allow others into the building. For instance, a team member waits outside at 6:30 am knowing that someone they recognize will let them into the building. But... What happens when people in that shift start getting used to this? What if someone this early stands outside and gives a reasonable excuse like they know someone you know in the building? What if they were malicious?
An encryption consultant thinks about how to protect data and protects multiple avenues to ensure it's confidentiality and integrity. It's their job to keep things secure; this spreads to other aspects of their lives. On the other hand, others do not think about security as much because it is not part of their day to day work schedule. For instance, a customer service specialist focuses on how to best come to an agreeable compromise. They don't need to give much thought to security.
The most common vulnerability is the human factor. Machines are easier to secure provided limited constraints. They are not susceptible to social engineering. This is why top security concerns for employees of large organizations must be aware of these issues. They are the gate keepers and do hold some form of responsibility. Periodic training training is recommended to remind employees of this. After all, it's easy to forget without coffee.
No comments:
Post a Comment