Social engineering is one of the key ways attackers can gain access to or information about your organization. People are the weakest link in the daily management of network security. To mitigate this, Digital Defense (DDI) offers an examination of the security awareness and practices of your employees and suppliers.
DDI offers several options for this solution, depending on your organization's needs, preferences, and resources.
Off-site Social Engineering is ideally performed on a semi-annual basis to provide an accurate representation of your employees' security awareness. It includes a wide range of attacks, each specially designed to give important information on employee reactions.
There are several options for off-site social engineering:
Option 1: DDI places calls to internal staff members and/or suppliers, specifically attempting to gain sensitive information.
Option 2: DDI sends targeted emails with an action to call a local number (vishing), specifically attempting to gain sensitive information.
Option 3: DDI sends targeted emails with an action to visit a website (phishing), specifically attempting to gain sensitive information.
Option 4: DDI sends targeted emails with an action to reply with information (phishing), specifically attempting to gain sensitive information.
On-site Social Engineering is ideally performed annually to provide an accurate representation of your employees' security awareness. DDI uses several on-site testing methods, including:
With both forms of testing, DDI provides a detailed report with all methods employed and weaknesses discovered.
Many benefits to clients can be gleaned from DDI's Social Engineering testing, such as:
DDI will provide a formal softcopy report of all evaluation findings, which can be used for internal review, planning purposes, and regulatory examinations.
Our social engineering solutions support organizations in achieving compliance with the following regulatory guidelines: