{"id":888,"date":"2006-08-20T00:52:07","date_gmt":"2006-08-19T23:52:07","guid":{"rendered":"http:\/\/www.darrenstraight.com\/blog\/2006\/08\/20\/how-to-protect-companies-from-social-engineering-threats\/"},"modified":"2006-08-20T00:59:39","modified_gmt":"2006-08-19T23:59:39","slug":"how-to-protect-companies-from-social-engineering-threats","status":"publish","type":"post","link":"https:\/\/www.darrenstraight.com\/blog\/2006\/08\/20\/how-to-protect-companies-from-social-engineering-threats\/","title":{"rendered":"How to Protect Companies from Social Engineering Threats"},"content":{"rendered":"<p><strong>Who Should Read This Paper:<\/strong> This paper provides security management information about the threats posed by social engineering and the defenses that are available to help resist social engineering hackers. Social engineering describes primarily non-technical threats to company security. The broad nature of these potential threats necessitates providing information about threats and potential defenses to a range of management and technical staff within a company, including:<\/p>\n<ul>\n<li>Board management<\/li>\n<li>Technical operation and service managers<\/li>\n<li>Support staff<\/li>\n<li>Security staff<\/li>\n<li>Business managers<\/li>\n<\/ul>\n<p><strong>OVERVIEW:<\/strong> Gain valuable information about the concepts of social engineering within the IT security workspace. In section one, the guide provides a working definition of social engineering that can be used within a company&#8217;s security policies and is meaningful to non-IT security staff. The guide describes the aims and objectives of an attacker and shows how social engineering, like hacking, is a threat to all businesses, not just enterprise or government institutions. The guide will also cover:<\/p>\n<ul>\n<li>Social engineering and the defense-in-depth layered model<\/li>\n<li>Social engineering threats and defense<\/li>\n<li>Online, telephone-based, and waste management threats<\/li>\n<li>Personal approaches<\/li>\n<li>Reverse social engineering<\/li>\n<li>Designing and implementing defenses against social engineering threats<\/li>\n<li>Developing a security management framework<\/li>\n<li>Risk management<\/li>\n<li>Social engineering in the organizational security policy<\/li>\n<li>Awareness<\/li>\n<li>Managing incidents<\/li>\n<li>Operational considerations<\/li>\n<li>Security policy for social engineering threat checklists<\/li>\n<\/ul>\n<p><a href=\"http:\/\/www.microsoft.com\/downloads\/info.aspx?na=90&#038;p=&#038;SrcDisplayLang=en&#038;SrcCategoryId=&#038;SrcFamilyId=05033e55-aa96-4d49-8f57-c47664107938&#038;u=http:\/\/download.microsoft.com\/download\/4\/7\/e\/47e99f63-1e5e-4ad7-a408-d7f584aede8b\/How+to+Protect+Insiders+From+Social+Engineering+Threats.doc\">Download Word Doc Here<\/a><br \/>\n<a href=\"http:\/\/www.microsoft.com\/technet\/security\/midsizebusiness\/topics\/complianceandpolicies\/hpiset.mspx\">Read Online @ TechNet<\/a><\/p>\n<p>I saw this added on the Microsoft Download Centre\u00a0today but had not noticed the TechNet link at the bottom to thanks goes to Blake for pointing that out in <a href=\"http:\/\/bhandler.spaces.live.com\/blog\/cns!70F64BC910C9F7F3!1359.entry?_c=BlogPart\">his post<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Who Should Read This Paper: This paper provides security management information about the threats posed by social engineering and the defenses that are available to help resist social engineering hackers. Social engineering describes primarily non-technical threats to company security. The broad nature of these potential threats necessitates providing information about threats and potential defenses to a range of management and<\/p>\n<div class=\"clearfix\"><\/div>\n<div class=\"pull-left padding-top-25\"><a href=\"https:\/\/www.darrenstraight.com\/blog\/2006\/08\/20\/how-to-protect-companies-from-social-engineering-threats\/\" class=\"btn btn-theme\">Continue reading<span class=\"screen-reader-text\"> &#8220;How to Protect Companies from Social Engineering Threats&#8221;<\/span> <i class=\"fa fa-fw fa-long-arrow-right\"><\/i> <\/a>  <\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-888","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/posts\/888","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/comments?post=888"}],"version-history":[{"count":0,"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/posts\/888\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/media?parent=888"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/categories?post=888"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/tags?post=888"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}