What is the best way to undermine the social engineering activity of tailgating?

Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and uses the special card in order to access the restricted area of the target company. Just as the employee opens the door, Bob walks up to the employee (still holding the box) and asks the employee to hold the door open so that he can enter. What is the best way to undermine the social engineering activity of tailgating?

Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and uses the special card in order to access the restricted area of the target company. Just as the employee opens the door, Bob walks up to the employee (still holding the box) and asks the employee to hold the door open so that he can enter. What is the best way to undermine the social engineering activity of tailgating?

A.
Post a sign that states, “no tailgating” next to the special card reader adjacent to the secured door

B.
Issue special cards to access secured doors at the company and provide a one-time only brief description of use of the special card

C.
Setup a mock video camera next to the special card reader adjacent to the secured door

D.
Educate all of the employees of the company on best security practices on a regular, recurring basis

Explanation:
Tailgating will not work in small company’s where everyone knows everyone, and neither will it work in very large companies where everyone is required to swipe a card to pass, but it’s a very simple and effective social engineering attack against mid-sized companies where it’s common for one employee not to know everyone. There is two ways of stop this attack either by buying expensive perimeter defense in form of gates that only let on employee pass at every swipe of a card or by educating every employee on a recurring basis.



Leave a Reply 0

Your email address will not be published. Required fields are marked *