CPSC 420 Chapter Notes - Chapter 10: Social Security Number, Digital Identity, Physical Security
Document Summary
Every employee usually has access to the organization"s system, however limited a capacity- most organizations, at the least, create an email-id for each person they employ. Almost every employee has a digital identity- name, social security. Every employee is a potential social engineering target- each person is vulnerable through email, the telephone, through social media, or in person. Physical security is important as well- a housekeeping employee who has the keys to almost every room in the organization could let in a malicious intruder. Hackers target everyone- they are aware that organizations do not invest in training all their personnel and target unconsidered targets like the plant operation personnel, housekeeping staff, and temporary interns. Insiders are a significant threat because they know the system and what data it could contain. Insiders could copy, modify, or delete files without appearing as an attacker.