Holding the Door Open for a Thief: Controlling Social Engineering Online

A professional hacker – who has gone straight and now goes by the job title of “Ethical Intruder” – lays out the truth with this simple statement:  “Take it from a hacker, we are not trying to break in through your next-generation firewall when we can simply ask your users for credentials.”

The sloppy, ill-informed, or unthinking release of credentials – the user names and passwords that permit access to your cyber files online – by employees or vendors is the digital equivalent of holding the door open for a thief to stroll into your sensitive operations with little or no resistance.  In the parlance of cyber security, the ways in which legitimate users either control or surrender control of their credentials is known as “Social Engineering.”

Social Engineering typically is seen within organizations as either an IT issue or the responsibility of Human Resources.  At its core, Social Engineering is a behavioral and awareness issue that hackers know is the easiest and quickest way to crack a cyber defense and avoid detection.

This has become an even more prevalent problem during the COVID-19 pandemic.  Attackers have increased use of their predatory skills against unwitting employees, who simultaneously have become more susceptible to clicking on or downloading files by providing their credentials on nearly anything related to the pandemic.

Entering this commonplace, yet incredibly valuable, information without giving a second thought as to who else might be watching can spell real trouble down the line.

It becomes incumbent on employers to educate and enforce standards regarding the unauthorized or uncontrolled use of employee credentials.  This single step can actually become one of the most effective ways to convey the very real threats that exist, and to tighten up the business’ cyber security protection.


Copyright 2021 The Reschini Group

The Reschini Group provides these updates for information only, and does not provide legal advice.  To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.

Cybersecurity Resources from The Reschini Group

For more information on cyber security safeguards, contact The Reschini Group today.

 

Safety Can Be Fleeting: Maintaining a Safe Fleet Program

Operating a fleet of vehicles remains a necessity for many businesses.  Drivers climb into cars and trucks every day, occasionally using multiple vehicles for differing purposes.  But do they know the expectations of their employers?  What kind of training and instruction have they received?  What are the rules about purchasing fuel?  Is personal usage ever permitted?  What about parking a company vehicle at their homes during non-working hours?

A consistent fleet safety program means not only cost savings, but also reduced liability, improved employee satisfaction, and enhanced safety performance.  While a program is best when tailored to the exact parameters of a specific business, here are some basic elements that every plan should include:

  • Secure and promote the support and commitment of all levels of management.
  • Issue written policies and procedures regarding all aspects of vehicle use related to the business, and ensure that all drivers have ongoing access to this information.
  • Create a roster of all drivers, including those who drive on behalf of the business using fleet vehicles, personal cars and trucks, and rented vehicles.
  • Screen and select drivers to create a reliable team of safe drivers as the key to ongoing fleet safety success.  Adhere to clear and detailed hiring standards.
  • Offer and record completion of training to all drivers, covering vehicles safety policies and procedures, including defensive driving.
  • Formalize schedules and record keeping related to vehicle inspections, repairs, and maintenance, to avoid costly breakdowns and accidents due to faulty equipment.
  • Manage drivers regularly, offering additional training where needed. Also manage accidents carefully to better understand areas of exposure and reduce the likelihood of future accidents.

The professionals at The Reschini Group can help your organization get a fleet safety program in place that works for your specific needs.  Contact us to talk more about this important consideration.


Copyright 2021 The Reschini Group

The Reschini Group provides these updates for information only, and does not provide legal advice. To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.

Fleet Management Resources from The Reschini Group:

Contact us to talk more about this important consideration.