The Information Security Specialists

Social Engineering & Physical Security

The smoking ban introduced in July 2007, a triumph for campaigners, but have you ever considered how it may have affected the security of your company? Groups of nicotine-craving staff huddled under a shelter right by one of your entrances on a wet and windy winter afternoon; would they take much notice of the lone straggler tailgating them as they rush to get back into the warmth of the building?

Here in the UK we’re often far too polite to confront somebody who may just be legitimately going about their everyday business, but it’s likely this virtue is the reason we miss the occasional person who has malicious intentions.

What happens if the entry card system doesn’t lock the door for over 15 seconds after someone has entered the room? Is anyone keeping an eye out when the security guard steps outside to get some fresh air for five minutes? Would a member of staff readily hold open a usually secure door for a courier holding a large heavy box? Could the helpdesk be too helpful without following correct procedure? Are general procedures explained to a temp drafted in to cover for your receptionist who has come down with the flu?

Regardless of the time and money you’ve spent protecting your network with the latest security products, it is the human element that can often be the weakest link in network security. If you’re a large organisation, would a member of staff on the IT Helpdesk recognise the voice of your Finance Director, or challenge somebody trying to impersonate them and asking for a forgotten password so they can access crucial information from ‘home'?

What about the other aspects of your physical security? Are your server rooms adequately secured from unauthorised access or protected from incidents such as fire or flooding? Are security cameras installed? Is your air-conditioning in the server room at the optimal temperature? Do you have disaster recovery or business contingency planning?

All of the examples and questions posed above are not just possibilities for the purpose of scaremongering; Incidents can and do happen and the most unlikely of scenarios are identified, as has been proved successfully by NTA when performing social engineering exercises and physical security assessments.

Remember, a chain is only as strong as its weakest link and the same is true of your security.

One of the team is always willing to discuss any specific requirements or questions you might have so feel free to contact us.

English French German Italian Portuguese Russian Spanish
Call us now on
01634 721855

Latest News

I wish to highlight the outstanding work that your consultant undertook whilst doing the ICT Health Check for the Council.

View all Testimonials

Particularly notable was the level of technical knowledge displayed by NTA’s consultants, and we were also impressed that they were willing to share this knowledge with the network team.

View all Testimonials

We have found NTA to be an excellent supplier, offering a very good service at a competitive price. A key differentiator is that they are happy to answer any questions...

View all Testimonials

I have found NTA to be an approachable knowledgeable partner, and have no hesitation in recommending their services.

View all Testimonials

The NTA testing programme was a success on all fronts.

View all Testimonials

The quality of both the initial work and follow-up advice and guidance was excellent, and NTA provided full lifecycle support to the development and delivery of our Online Services portfolio.

View all Testimonials

On one occasion our third-party did not believe the vulnerability was an issue - having had their software tested by another well-known security testing company - and NTA Monitor were...

View all Testimonials

NTA Monitor are very supportive, especially regarding general questions about Information Security issues such as hacking and vulnerabilities.

View all Testimonials

NTA Monitor has been a trusted supplier for a number of years and we have found them to be approachable, helpful and understanding of our needs relating to information security.

View all Testimonials