Social engineering policy responses | Information Systems homework help

All posts must be (2) substantive responses with a minimum of 150 words each for Responses 1 and 2. Ensure you list and break down each response in a word document, along with its reference. Response provided should further discuss the subject or provide more insight. To further understand the response, below is the discussion post that’s discusses the responses. 100% original work and not plagiarized. Must meet deadline.

RESPONSE 1:

Training is key to understanding what social engineering is and the various methods that are used to socially engineer. Training staff in a way that allows them to fully understand what social engineering is, rather than simply using examples from past incidents to warn them against it. Having procedures in place that require identifiers that are special to a person is another method. This can be done by having a passphrase to access your account data, the staff member would be required to have the customer give this along with name and number before any service could be rendered. This is a standard practice in medicine with full name and birthday. However, I think because of social media and online breaches full name and birthday are far too common for threat actors to find, so they should no longer be used, or at least used with another form of identification. This concept is basically two factor identification for a person’s identity. Another tactic would be to send fake phishing emails, to educate/train staff on what they look like, this would give them practice looking out for malicious emails. Phishing can also be done via text or phone with links send over text message and automated voice messages telling users of overdue bills or other tasks that require action, insisting the user give over detailed information. Ensuring that all documents are disposed of properly is another factor along with regular walk throughs and audits to ensure sensitive data is not in the open. There are many facets to social engineering, but training and authentication procedures are key to every policy, in conjunction with controls enacted by the security officer.

– AMANDA

What are the most common social engineering techniques? Vircom. (2018, October 9). Retrieved January 10, 2022, from https://www.vircom.com/blog/common-social-engineering-techniques/

Five ways to prevent social engineering attacks. Maureen Data Systems. (n.d.). Retrieved January 10, 2022, from https://www.mdsny.com/5-ways-to-prevent-social-engineering-attacks/

RESPONSE 2:

At the Bank of the Great Danes (BGD) we hold strong cybersecurity principles to ensure that attacks and hacks are mitigated or prevented as much as possible. Social engineering is a type of attack that is easy to fall victim to and the BGD does not want to be a victim of social engineering. There are a few policies that have been put in place to ensure the likely hood of this happening is minimal. These attacks usually involve a person doing research on an organization and taking what they learned from that and using it against that company to get past security and authentication (Pilette, 2021).

At BGD it has been implemented that, documents will be discarded properly in a container that is sent off to be shredded in a secure offsite location. These trash bins do not allow for someone to be able to reach in and take documents out. It also prevents these documents from being thrown in the outside dumpster where a hacker can dumpster dive for sensitive information (Mitnick, 2021). Another social engineering countermeasure is to make sure all meetings are held in a secure office environment. Previously BGD held meetings in coffee shops to make the environment less work like but that must now be stopped to prevent people from eavesdropping.

Another social engineering countermeasure to take is added verification security when guests, vendors, or outside hired workers come into the building. If a hired worker comes in stating they are so and so, from ABC company, hired by BGD management, before they are allowed to come into the building this must be verified with management (Washo, 2021). Management must be sent to the front desk and confirm they are legitimately sent by management to prevent a hacker from posing to get access. Many things will be in place to prevent social engineering, people try and be deceptive but with training, it can be prevented.

– ROBERTO

Mitnick, S. (2021, April 5). 6 types of social engineering attacks. Retrieved January 09, 2022, from https://www.mitnicksecurity.com/blog/6-types-of-social-engineering-attacks

Pilette, C. (2021, June 26). What is social engineering? A definition + techniques to watch for. Retrieved January 09, 2022, from https://us.norton.com/internetsecurity-emerging-threats-what-is-social-engineering.html

Washo, A. (2021, July 25). An interdisciplinary view of social engineering: A call to action for research. Retrieved January 09, 2022, from https://www.sciencedirect.com/science/article/pii/S2451958821000749







Place your order
(550 words)

Approximate price: $22

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more

Order your essay today and save 10% with the coupon code: best10