Wednesday, October 25, 2006

Social engineering

According to Kelly, the intruder passed the first hurdle by simply saying he was a new member of staff on the IT helpdesk. It didn't take too long for the intruder to find the server room.

When the intruder got to the server room, he said he was sent by Duncan to service the Uninterruptible Power Supply (UPS).

IT staff sitting by the server room responded with "if Duncan sent you, no problem at all," and let the stranger into their server room.
zdnet article

Security is an field where organizations and technology meet. Neither is more important than the other, and both need equal attention. A firewall is only of limited use when you can just walk into a server room. It sounds so obvious,...

No comments:

Post a Comment

Please share your view and opinions on what I wrote. In order to maintain quality, all comments will be moderated for merit. Contributions that call me out on statements that appear unfounded, wrong, or simply with which you disagree are highly appreciated and are even encouraged. Spam and 'me too' answers will be ignored.