How security-aware are your employees? Can they be manipulated to share sensitive information with unauthorised persons? Our Awareness audits can provide you with the answers to these questions. You test your technology regularly, but your employees – the most important link in information security – also need to be tested regularly!
The NextTech Security Awareness audits and tests give you insight into the knowledge level, actual behaviour and social aspects that have implications for an information and security aware organisation. The result? A measurable behavioural change and action points for the future.
Our Baseline Audit consists of an online questionnaire and phishing simulation by default. It can be expanded with other social engineering screenings as desired.
|Awareness baseline audit||Social engineering*|
|Phishing by telephone|
|Portable device test|
Test the effectiveness of a completed or ongoing Awareness campaign by using our Security Awareness evaluation audit. This will also provide you with insight into issues that still need attention.
Unfortunately, we often see that security measures are only taken when an incident already has occurred. Many security incidents are caused by ignorance and negligent behaviour of your own employees. Test them with a social engineering screening and let them experience the danger!
The most popular form of internet fraud where a criminal fishes for login credentials or other data. We will set up a risk-free phishing mail that is sent within your organisation. Our generic mails are tailored to be used at any organisation. We then monitor the percentage of employees who open the mail, click on links and/or fill in login credentials. Do you want to test and train employees periodically? Check our phishing simulations.
Criminals increasingly use SMS to phish targets. Many targets do not expect this form of phishing, which makes it very successful. We send a secure phishing SMS for you, in which we spoof Voicemail (1233). The SMS contains an “infected” link that refers to a landing page. The SMS and landing page are customisable. We monitor the number of clicks.
One of our researchers visits your location, for example disguised as a printer mechanic. During this visit we map to what extent unauthorized access to the building and work spaces can be obtained, workstations are locked, login credentials can be obtained, and access to confidential information and files from printers, waste bins, and desks can be obtained.
With phishing by telephone, also known as voice phishing, we screen to which extent sensitive data or information can be obtained when your employees are approached by a NextTech researcher by telephone. By pretending to be, for example, an ICT employee and gaining the trust of the employee, the extent to which our “criminal” can retrieve confidential information is examined.
USB flash drives and portable hard drives are often exchanged between employees to share information. This can potentially lead to a loss or infection of confidential documents and data. By “accidentally” losing USB flash drives within your office we are able monitor the number of employees that can be tempted to connect a potentially infected portable device to their workstation.
Creating behavioural change and awareness among your employees with short online modules.
Let your employees compete in teams and engage them to think about information security in an accessible manner.
Our customers go for a carefree way of business. Would you like to receive more information about our audits and tests? Do not hesitate to call us at +31 88 018 16 00 or leave a message. We will contact you within 1 working day!