Knowing your IT Staff and their Practices!
By Aaron Oliver
So last month I touched on the fact that having your employee rosters and contact info on your website can be a treasure for someone looking to social engineer their way into your companies network. I had some feedback asking for ways to mitigate this risk if the information had already been out there. Well there are probably a few things that every company should be doing to help educate their employees to protect against these Social Engineering and Phishing attacks. The easiest way to protect your organization whether you have an internal IT staff or an outsourced managed services provider, is to educate your users on who does the IT support for your organization.
If you're using an internal IT staff, your users should be aware of the names of the IT staff, as well as the extensions and phones numbers that these support personnel would be calling from. Your employees should also know how their IT support team connects to their systems for remote support. If the users in your organization know that your IT support uses the Logmein tool, it should be a red flag if someone posing as IT support calls and tries to get a remote session in some other way like Teamviewer, or some other third party tool!
For those companies using an outsourced managed service provider. You may not always be able to inform your employees of all the names of the technicians at your provider, but they should be aware of all of the different ways to reach out for support as well as the remote connection tools that are used by your provider. Most providers should have their tools installed and should not need to have you create a connection for them. If they don't have anything installed, then users should at least be aware of the tools your provider uses when they initiate a remote session so they are not fooled by someone using social engineering techniques to get access to their computer and your network.
What it all comes down to is employee education! Employees need to be more aware of how their support staff interacts with them during a support incident. Not only should they be aware, but continually reminded to ensure that they keep the approved methods of support fresh in their minds as it may not be something they use every day. Look at sending out a monthly or quarterly IT support overview to all your employees as a way to continually remind them to be on the lookout for suspicious activity. The more aware you users are made the better the chances that your organization's network is not made an easy target for someone wanting to breach your company for any reason.
Aaron Oliver is a Senior Engineer at ThrottleNet