Subscribe to our blog

Articles published weekly by IT security and compliance professionals with decades of experience

  

Subscribe to our blog

Articles published weekly by IT security and compliance professionals with decades of experience

  

Subscribe to our blog

Articles published weekly by IT security and compliance professionals with decades of experience

Cyber Security Services

Social Engineering Assessments

Social Engineering Assessment Services

The human element continues to pose the greatest risk to the data that an organization holds on behalf of their clients. Whether that information is credit card information, protected health information, or any other type of confidential, sensitive data, Social Engineering remains one of the most commonly used tactics for hackers and thieves to gain access to your critical systems. While investing in the top of the line technology is critical to keep unauthorized users out of your system, creating a culture of security and investing in your employees as the first line of defense is essential for organizations of all sizes and across all vertical markets. 

Compass IT Compliance performs Social Engineering Assessments for organizations to give them a true snapshot of the controls that they have in place today versus areas of weakness within an organization. This provides them with a true gap analysis and remediation plan to effectively build a culture of security and keep the data they possess safe. All of the Social Engineering Assessments that we provide are tailored to your organization's needs and all tests that we perform as a part of the Social Engineering Assessment are conducted in a controlled environment. Compass then provides you with detailed reporting on the activities performed and the potential impact to your business. 

Some of the services that we include in our Social Engineering Assessments are:

  • Phishing Campaigns - Emails (customizable, broad or targeted) are sent to employees with tracking on who clicks, how many times they click, downloads, information given, etc.
     
  • Vishing Campaigns - Phone calls are made to employees while impersonating management, third parties, or customers, attempting to gather critical information such as login credentials, account numbers, office layout, etc.
     
  • USB Drop Attacks - Drop USB memory devices at your physical locations with the ability to identify who picks up and plugs in these devices into work computers
     
  • Physical Site Visits - Physically visit your location(s) to attempt to gain access to your building, gain access to restricted areas, impersonate staff and vendors, dumpster diving, after hours walkthroughs, etc.

No matter what your needs are, Compass IT Compliance's Social Engineering Assessments will give you the opportunity to identify weaknesses in your controls and establish remediation plans to mitigate your risk associated with the human element of information security. Contact us today to learn more!

 

Contact Us

Related Resources

 

 

 

What is Social Engineering?

 

 

 

The Science Behind Human Hacking (Christopher Hadnagy)


Social Engineering Blog Posts