Social Engineering Assessment Services

Social Engineering Assessments

All the preventative controls in the world won’t stop a determined attacker from getting at your data, especially if your employees let them in the front door. Social engineering tests your employees’ reaction to unexpected visits, as well as giving you a complete picture of your facility’s physical security posture.

 Value of Social Engineering Assessments 

Many organizations overlook the real value of social engineering exercises: the ability to analyze the implementation of your organization’s policies and procedures from an alternate perspective. This information is valuable because it allows the organization to identify areas that require additional training or other controls. We will work closely with you to identify the highest risk procedures, facilities and business units in your organization, and devise tests to challenge your employees’ reactions to adverse situations.Social engineering tests typically place the consultant in one of two roles:

  • An outsider, such as a vendor or service technician, who is attempting to gain access to the facility
  • An insider, such as a new employee. Below are some sample scenarios
  Insider Employees
Outsider Service technicians
Visitors policies and procedures  

Physical security controls

Workstation security

Document storage and disposal

Separation of duties

 
Application access

 

Insider Testing

Insider testing typically places the consultant inside the organization as a new employee or vendor performing extended onsite work. In this way, the consultant is able to interact with and observe employees, test access controls, and attempt to escalate access to information systems.

Outsider Testing

Outsider testing is the most common form of social engineering. Using a ruse such as a water delivery person, air condition repairman or pest inspector, the consultant attempts to gain access to your organization as a visitor. If allowed inside, the consultant will try to obtain documents or other sensitive information that visitors should not be granted access to, as well as attempt to access restricted areas. 

 

To learn more about our Social Engineering Assessment service, please contact our sales team by calling

(727) 537-9273 or submitting a request through our  Online Inquiry Form.

Contact Us

Contact ISGRM

We are excited to partner with organizations to strengthen their information security programs. Have questions or want to learn how our services can benefit your business?

Get in touch with us today — we’re here to help.

Address

ISGRM Group, LLC
P.O. Box 41602
St. Petersburg, FL  USA 33743 USA

Email

sales@isgrm.com

Phone

(727) 537-9273

Ready to meet your security & compliance requirements?

Book A Consultation
Address

ISGRM Group LLC
P.O. Box 41602
St. Petersburg, FL  USA 33743 USA

Contact ISGRM

Phone: (727) 537-9273

Email: sales@isgrm.com
Submit RFP

We welcome new clients
Save 20% on your assessments

Copyright (C) 2010 - 2024 Information Security Governance and Risk Management Group - ISGRM. All rights reserved.