Social engineering backgrounder and how-to prevent yourself from becoming the next victim. Special emphasis is placed upon the simplicity and ease with which various social engineering strategies, preventatives and countermeasures can be implemented without requiring a degree in rocket science.
This article’s aim is to provide you with a little background information about social engineering and how not to become the next in the long line of social engineering victims. Specific emphasis will be placed upon the preventative side of social engineering while at the same time maintaining a simplistic approach to implementing solutions.
The Human Factor
Always bear in mind that security does not stop or start with the technology alone. The simple reality of the world in which we live is that it is/will be us humans who will to some degree or other be using, controlling, implementing, regulating, maintaining, modifying, repairing or adding to the technology’s base functionalities and capabilities.
The reasons as to why any given specific attribute is managed by or manipulated in a particularly way are many and varied. To complicate matters even further many decisions concerning the approach taken in the implementation of many technologies may not even be rationale-based.
“I want it all and I want it now” or “Oh! I just love that color”. These are but two of the many immensely powerful emotive factors that can exert great influence at decision time.
The Big Picture
The overall result however; will be such that these factors will oft times equate to uses of any specific technology in a multitude of ways; which those who originally designed and built the technology could not have possibly have ever envisioned.
Right from the get go it must be said that no matter how good a solution may be in fulfilling the needs of individuals and organizations alike. Failure to address the usability factors will inevitably result in dramatically less than expected uptake and adoption of said solution by individuals, organizations of all forms and sizes and everything in between.
The Weakest Link
We live in a world of humans using technology and time and time over it is the human that is usually the weakest link in any technological chain or strategy. The more complex and sophisticated that chain, strategy, process or project is the more often human actions or lack thereof will result in disruption to said chain and processes etc.
So it is that we can reliably assume that; in the vast majority of instances, humans will; from a security perspective, be any system or technology’s weakest link. We will therefore need to adjust our planning and procedures to reflect this.