User Account

All Pages

Explain the main objectives of social engineering

Assignment Help Management Information Sys
Reference no: EM131991632

DISCUSSION_1

Information security within an organization could be easily compromised once the access to information is given from insiders or stolen from the outsider by any means possible. Based on my experience as supervisors, managing a supermarket, I was often met with similar situations as described by the boss.

Calls from individuals with presumable made-up name claiming to be as vendors who would like to supply their products to our supermarket, often turn into conversations that are related to sensitive information relating other vendors, their product, and price related questions.

Spam messages that have become identifiable normal email communicate from vendors could also pose the great security risk for the organization.

According to Kaspersky, Spam emails are sent out to the recipient for spreading malicious code onto recipients' computers and running phishing scams to obtain sensitive data like password and financial information (Kaspersky, 2018). From my previous experience, these emails are usually the cause of computer breakdown and loss of information in a couple of branches which had supervisors who had little knowledge regarding computer and Spam will using email.

As for people who have been seen searching company's trash dumpsters for recyclable containers, it is obvious that they attempted to salvage any possible sensitive information from the company.

In this case, the management should have met within the company with employees who have direct access to company sensitive information. Inform everyone of possible attempt to breach information security and educate those who might have little knowledge of email spam.

Disposable documents through recyclable dumpsters need to be thoroughly managed to ensure that no possible information could be gathered through the trash. And lastly, ensure that employees understand their role regarding using and sharing sensitive information via telephone calls, email and hard documents to ensure information security in the company.

Below are methods an organization guarantees that its system is ensured:

Install Anti-Virus Software:

Guarantee that legitimate hostile to infection programming is introduced on all computers. This ought to incorporate all servers, computers, and workstations. On the off chance that workers utilize PCs at home for business utilize or to remotely get to the system, these computers ought to likewise have against virus programming introduced.

Ensure that the anti-virus software is up and coming:

Regular new PC viruses are being discharged and it is fundamental that organizations are shielded from these infections by keeping the counter infection programming a la mode. On the off chance that conceivable, organizations should take a gander at strategies whereby PCs that don't have the most avant-garde hostile to infection programming introduced are not permitted to interface with the system.

Employ a firewall to ensure systems:

As PC infections can spread by implies other than email, it is imperative that undesirable activity is hindered from entering the system by utilizing a firewall. For clients that utilization PCs for business far from the assurance of the organization's system, for example, home PCs or PCs, an individual firewall ought to be introduced to guarantee the PC is ensured.

Filter all email movement:

All approaching and active email ought to be separated for PC infections. This channel ought to preferably be at the edge of the system to anticipate PC infections. Messages with certain record connections regularly utilized by PC infections to spread themselves, for example,EXE,COM and.SCR documents, ought to likewise be kept from entering the system.

Article 2:

In my view all of these strange incidents were caused by social engineering. The main objectives of social engineering are the same as hacking .To get unauthorized access to system or information submit misrepresentation, organize interruption, modern reconnaissance, wholesale fraud, or essentially to disrupt the framework or system. Run of the mill targets incorporate phone organizations and voice-mail, enormous name partnerships and budgetary establishments, military and government offices, and doctor's facilities.

Social engineering can happen in two ways. One the physical and the psychological. First we will focus on physical setting for these attacks, the working environment, the telephone, your trash, and even on-line, in the work environment, the hacker can essentially stroll in the entryway, as in pictures.

And pretend to be a support laborer or advisor who can access the association. At that point the gatecrasher swaggers through the workplace until the point that he or she finds a couple of passwords lying around and rises out of the working with adequate data to abuse the system from home soon thereafter. Another technique to get authentication information is to just simply remain there and watch an employee type in his password.

Social Engineering by Phone

The most pervasive sort of social engineering is led by telephone. A programmer will call up and emulate somebody in a place of authority or pertinence and step by step pull data out of the client. Help desk are especially inclined to this kind of assault.

Dumpster Diving

Dumpster diving, also called as trashing, is another popular method of social engineering. A colossal measure of data can be gathered through organization dumpsters.

The LAN Times recorded the accompanying things as potential security spills in our junk: "organization telephone directories, authoritative diagrams, updates, organization strategy manuals, timetables of gatherings, occasions and excursions, framework manuals, printouts of touchy information or login names and passwords, printouts of source code, plates and tapes, organization letterhead and notice shapes, and obsolete equipment."

These sources can give a rich vein of data for the programmer. Telephone directories can give the programmers names and quantities of individuals to target and imitate. Hierarchical diagrams contain data about individuals who are in places of expert inside the association.

On-Line Social Engineering

The Internet is ripe ground for social designers hoping to collect passwords. The essential shortcoming is that numerous clients frequently put only same password on each different account.

Prevention for social engineering:

· Prepare workers/help desk people to never give out passwords or other secret information by telephone.

· Tight identification security, representative preparing, and security officers show.

· Try not to type in passwords with any other person display (or in the event that you should, do it rapidly

· Telephone (Help Desk) All workers ought to be doled out a PIN particular to enable work area to help

· Keep all waste in secured, monitor area, shred critical information, and delete attractive media.

PLEASE READ ABOVE 2 ARTICLES AND COMMENT WITH 150 WORDS ON EACH ARTICLE

Reference no: EM131991632

Questions Cloud

Identify the areas that need improvement : Briefly analyze the issue with theories found in your textbook or other academic materials. Decide which ideas, models, and theories seem useful.
Prepare an annotated bibliography : Prepare an annotated bibliography that speak to the media and impact. This includes information on the primary audience(s) of time magazine in relation.
What is the purpose of prices in a market system : What is the purpose of prices in a market system? Is there a better way to allocate products?
What is gross private domestic investment : Calculate the percentage of each category in nominal GDP and in real GDP - What is Gross private domestic investment - What does gross private domestic investm
Explain the main objectives of social engineering : In this case, the management should have met within the company with employees who have direct access to company sensitive information.
Balance between income and increasing expenditures : how much must he earn the following year just to keep up with inflation and maintain the balance between his income and his increasing expenditures?
Two approaches to trade policy : Suppose a country is deciding between two approaches to trade policy: one approach is to regulate a side range of industries and products.
Assuming the firm goes through with the recapitalization : Calculate the return on equity (ROE) under each of the three economic scenarios assuming the firm goes through with the recapitalization.
Discuss impact of culture on successfully conduct business : The impact of culture on successfully conducting business internationally has grown in recognition over time, but equally the world in which.

Reviews

Write a Review

Management Information Sys Questions & Answers

  Show performance-based work statement

Performance-based Work Statement - prepare performance-based work statement and what can be done to overcome that challenge?

  How emerging cloud computing technologies hold great promise

Describe how emerging cloud computing technologies hold great promise for system developers. Discuss the benefits of CASE tools in information systems development.

  Operational information for investorshow might information

operational information for investorshow might information on a companys operations in different industries be helpful

  Write and concisely about introductory information systems

Insert a picture of the person or of something that relates to the person, and include the name of the person you admire -information resources

  What are the advantages of an e-commerce business

MGT 401- If you are unable to secure funding, what are the alternatives to starting your own business? What are the advantages and disadvantages of an e-commerce business? Should traditional businesses also offer online sales?

  Explain the risk management

The Department of Homeland Security (DHS) risk management process serves to strengthen resilient systems within communities.

  Create a project scope management plan

Create a project scope management plan that will detail how the project scope will be defined, managed, and controlled to prevent scope creep.

  Web services and types of data storage infrastructuresthis

web services and types of data storage infrastructuresthis solution provides the learner with an understanding of the

  Show importance of good managers and good systems

Discussion after the speech focuses on the importance of good managers and good systems. You participate by explaining why both are integral to an organization and the effects, if any, of an imbalance within any of these areas.

  Draw a use case diagram for the webapp

Draw a use case diagram for the WebApp described in the above scenario. The use case diagram is to be submitted on paper

  Compare and contrast a business case and a business plan

Select a business case template that you like and tell me why you selected that business case template. I want you to reference at least three different business case templates and select the one you believe to be the best.

  Develop the preliminary investigation report

IFSM 461: Systems Analysis and Design - develop the Preliminary Investigation Report (PIR), which will examine the problems/opportunities.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd