- 01737 304 210
- QuickSupport
What Is Social Engineering? How Can I Protect My Business?
Security researchers have revealed that social engineering is one of the most prevalent attacks against organisations and their network. But what is social engineering, you might ask? How does it affect you and your business? This post explores exactly that, and what you can do to protect yourself from falling victim to it.
To put it simply, social engineering is the psychological manipulation of people into divulging confidential information. Unfortunately, and commonly, this confidential information includes usernames and passwords. These could be for email addresses, bank accounts, or even a Hosted Desktop or network environments. Typical tactics are to evoke, and take advantage of a potential victim’s emotional reactions.
Examples could be:
Don’t keep your password written down on a piece of paper or post it on your desk. Yes, we know that its long, full of strange characters, difficult to remember, and that Paul from Accounts does it, but it’s really best not to.
Be suspicious of any requests for information such as passwords or sensitive information. This is especially true of requests via email or phone – more than likely, it’s not legitimate.
Keep devices up to date. Set your anti-virus, spam filters and computer updates to auto-update. At the very least you should manually update them regularly.
Implement two-factor authentication. This adds another layer in the logging in process and protects you against stolen or fraudulently obtained login details. Typically, this would require a code to be entered that is sent directly to the authorized user’s phone, or for them to confirm an alert sent to them regarding the login.
That’s a great question, and one which we hoped you would ask! We take the security of our customers very seriously. We know that social engineering threats are on the increase, and to combat this, we are actively encouraging that our customers implement two-factor authorization.
This would mean, that even if a user fell foul of social engineering and unwittingly disclosed their login details to say, their Hosted Desktop, the sneaky social engineer wouldn’t be able to gain access. This is because they wouldn’t be able to bypass the second level of the login without the user’s smartphone, which would be asking them “Is that you trying to login?” Of course, it isn’t.
For more information on social engineering, or how we can make your hosted service more secure, contact us via info@cloud2me.co.uk or by calling us on 01737 304210.