Threat Level: green Handler on Duty: Bojan Zdrnja

SANS ISC: Reader submitted question on Social-Engineering - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Reader submitted question on Social-Engineering

As you can imagine, here at the ISC we get thousands (tens of thousands?) of user submitted questions and suggestions.  Let me tell you what, we appreciate it.  It's what binds the galaxy together. (TM)

But we had a user submitted question today that I found particularly interesting.  Jim wrote in asking us:

"I am looking for some good policies and practices to help my help desk avoid falling victim to social engineering.  I looked around on SANS and other sites but find little more than asking a few questions to verify identity.  We are also considering a callback as a auditing step.  What do you think?"

So what DO you think readers? 

 

Joel Esler

http://www.joelesler.net

Joel

454 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!