Because leaked staff directories are not as safe as handing out business cards. The reason is: social engineering. Not some kind of Orwellian concept; it’s a well-known method for computer hackers to get into an organization's network. Dumpster diving and dressing as a contract repairman are a couple of the more entertaining types of social engineering, but just knowing someone’s job title and phone number can create an easy guise for, say: impersonating a senior manager, calling the internal IT helpdesk, and demanding a password. Most companies have security proceeds to guard against it; but there are plenty of tales of hackers getting a crucial piece of information with just a name, job title, and a persuasive phone manner.Forget about the security and hacker issues with this leak. Imagine the telemarketing bonanza this will set off!
Technorati Tags: identity management,security,Royal Dutch Shell,Shell
No comments:
Post a Comment