First we learned about how social engineers like to prey on new employees, now we see that entry-level employees are also major targets. This is a major problem for companies. Entry-level employees are paid less than others and usually have the least amount of education however their jobs are arguably some of the most important. Low-level employees are usually the ones who come into contact with the customers. For example at a restaurant, the waiters have total control over the experience that that the guest has. The owner of the restaurant can plan all they want however if a guest has a rude/inept waiter they will have a bad experience. This holds true in terms of information as well. These low level employees often have clearance to information that is just as valuable as what managers have.
In order for a company’s security to be compressive it has to stretch across the entire organizational chart. ALL employees need to be properly trained and educated in the company’s security policy. Like the example with the security guard showed, even someone at the bottom of the food chain in the organization can have a profound impact. Management needs to pay more attention to these “low-level” employees because in my opinion, they are the lifeblood of the organization.
3 comments:
Entry level employees need to be compensated for the fact that they are the protectors of some very valuable information. Maybe if they are also trained on how to avoid such attacks, they will feel as a part of the effort to stop them and be more aware.
Unfortunately many of ourselves and many of our friends and classmates are going to be those targeted entry level employees. Luckily for us, after reading this book we know what to look out for.
I agree that comprehensive training is need for all employees. However, why would entry level employees put effort or concern into the training when they are earning the lowest wages? Training will only succeed if the participants truly take ownership in what is being taught.
Post a Comment