Goal attack: Paper trash in bins located outside of the organization in Paper trash bins located inside the organization Discarded electronic nositeliOpisanie: Studying the documents retrieved from outside garbage containers, the attacker learns the important corporate information. Walking around to the organization's principles of management of external debris, an attacker stealing documents from garbage baskets located in the the organization itself. The attacker stole data and applications stored on discarded electronic media, and themselves nositeli.Uscherb leak of confidential information damage to the reputation of the company's resources staff companies need to understand all the consequences that may result in the ejection of paper documents or electronic media in the trash. Once the debris leaves the territory of the company, its rights may be more it does not spread. Paper rubbish, always shred of paper cutting machines, and electronic - to destroy or erase the recorded data on it.
If you have any documents (eg telephone directory) because of the size or rigidity can not be crushed in a shredder machine or the user is not technically possible to do this, you need to define a special procedure to get rid of them. Garbage should be placed in a secure area, inaccessible to outsiders. Caterpillar may find this interesting as well. In developing the waste management policy is important to make sure that conform to all local health and safety standards. As far as possible should choose environmentally friendly methods of disposal of garbage. In addition to the external waste - paper or electronic waste, available to outsiders - and there are internal, which also must be controlled. At definition of security policies is often overlooked, suggesting that anyone who has access to the objects of a company you can trust.
Clearly, this is not always the case. One of the most effective measures for the management of waste paper is the classification of data. To do this, define different categories of paper and methods for their disposal. Below are examples of such categories. Confidential corporate information. Before throw away any documents with confidential corporate information in the trash, they must be crushed in a shredder machine. Classified information. Before you throw out any documents classified information in any sort of trash, they must be crushed in a shredder machine. Information Department. To know more about this subject visit Reade Griffith. Before you throw out any documents containing information offices of the company in a public trash, they must be crushed in a shredder machine. Public information. Documents from public information may be disposed of in any waste bins and containers for recycling or pass as waste paper. The easiest and cheapest way for an attacker to obtain the information he needs - just ask her. No matter how crude and banal, this method may seem, it always remains the principal in the arsenal of cybercriminals, using social engineering techniques. For information using this method, attackers use the four strategies. Bullying. Conviction. Call trust. Help. Protect users from attacks based on described the personal approach, it is very difficult. Some users are by their nature are more likely to become victims of attacks based on any of these four approaches. Support - is an important defense mechanism from social engineering attacks, which should not be underestimated. dumpster