What Is Ethical Hacking?

Can your employees spot a “phishy” email?

One of the most interesting aspects of cyber security is the fact that it’s not the technology you have in place that is most critical. It is the humans you have working for your organization. You can have the most robust firewall out there but if you have users that don’t know what to look for, or aren’t aware, all that technology won’t help much. The best firewall is the human firewall.

So, how do you build the human firewall?

In today’s world, it requires your employees to be constantly vigilant. The best way to enforce that is through regular, consistent employee training. Having a certified ethical hacker who performs regular penetration testing will take you a long way in training your employees. A certified ethical hacker is a professional who knows how to check for weak spots in your network using a variety of penetration testing techniques. Through those tests, he is able to analyze the security of your systems and your employees.

There are many strategies for training your employees. The overall practice is called White Hat Social Engineering. A certified ethical hacker uses the very same techniques that the bad guys will use to train employees on what to look for, scaring them a little bit. Now, we don’t want them to be so paranoid that it actually affects their productivity. There’s a balance you need to establish with your users between basic awareness and productivity.

A well-configured email on Domain’s SECaaS program can eliminate up to 98% of phishing emails and virus threats before you can even receive them. Internet content filters have become a must-have for all computers connected to the Internet, and are especially useful to businesses that rely heavily on email communication.

Network Monitoring

You can have the best security cameras in the country installed in your business’s buildings, but if no one’s watching the live feed, what good are they really doing? The very same can be said for network security; you could be using state-of-the-art tools to protect your network, but if no one is monitoring the traffic, it won’t do your business any good. With our SECaaS solutions, our team of cyber security experts will be using the most sophisticated security tools on the market to guard your network, testing security strength and preventing intrusions in real time. Consider us your personal network bodyguards.

White Hat Social Engineering

Unfortunately, the one thing SECaaS can’t change is the occurrence of human error. No amount of filtering, testing and monitoring can completely prevent a person from mistakenly clicking on a bad link. Cyber threats are constantly evolving, always adapting to security trends and increasing in sophistication. Ironically, in the face of the probability of human error, the best firewall is a vigilant employee. Using White Hat Social Engineering, we will help to train your employees on what to look for in order to recognize a phishing email or link, as well as how to identify possible weak points in your network security, giving you the best firewall of all: the Human Firewall.

One primary technique is fake phishing emails. Sending fake phishing emails to all your staff is a great way to get a feel for who your weak links are. True phishing emails are designed to look like they are from real companies, whether it be a LinkedIn request, an EZ Pass notification, or even Amazon. They can look very legitimate, but there are always details that are off. With the regular practice of sending fake phishing emails that point out these details, staff learn what to look for. If staff know the fine details they need to look for, they should be able to sense something “phishy” in a real phishing email.

Having an internal resource to stay on top of this critical piece of security can be burdensome for companies, and the cost of this security expertise can be substantial. With our Security-as-a-Service offering, we’re not only on top of how your firewall is configured, what antivirus you have, and what filters are in place, but we also include White Hat Social Engineering services as a critical piece of your cyber security practice. Cyber security policy training, fake phishing emails, and introducing new threats will keep your employees on their toes and create a healthy suspicion of emails. And these are only a few examples of things we do for our cyber security clients on a regular basis.
