Whether you are a small time entrepreneur, or the CEO of a large corporation, you cannot escape the daily challenges of business. You may be equipped with adequate resources, but without determination and drive you will not be able to take on new challenges
"It is a tremendous responsibility for us to have all the eyes focused on what we do and give people exactly what they need when they ask for it." Larry Page - Google
Technotism aims to define, design and deliver technology-enabled business solutions for all type & size of companies Apart from these we will be constantly exploring in-house ventures.
The search for static security - in the law and elsewhere - is misguided. The fact is security can only be achieved through constant change, adapting old ideas that have outlived their usefulness to current facts.
"Information technology and business are becoming inextricably interwoven. I don't think anybody can talk meaningfully about one without the talking about the other"-Bill Gates
Technology is neither good nor bad, nor even neutral. Technology is one part of the complex of relationships that people form with each other and the world around them; it simply cannot be understood outside of that concept.Here at Technotism its more of like a religion
"When you see something that is technically sweet, you go ahead and do it and you argue about what to do about it only after you have had your technical success. That is the way it was with the atomic bomb"Julius Robert Oppenheimer- American nuclear physicist.
"Business, more than any other occupation, is a continual dealing with the future; it is a continual calculation, an instinctive exercise in foresight"-Henry R. Luce
"Quality in a service or product is not what you put into it. It is what the client or customer gets out of it"-PETER DRUCKER
The term "social engineering" has been used for years by hackers to describe the technique of using persuasion and/or deception to gain access to information systems. Such persuasion and deception is typically implemented through human conversation or other interaction. The medium of choice is usually the telephone, but it can also be communicated via an email message, a television commercial, or countless other mediums for provoking human reaction. (Consider a floppy drive or CD labeled “Payroll” and left in a hallway or restroom within an organization. On the media is malicious code. Would anyone in the organization insert this media into their computer and access the contents?) Technotism will perform the type of social engineering most appropriate for your organization.
Our methodology mirrors our approach to security assessments. We begin with target identification and information gathering, followed by exploitation attempts. We systematically apply these principles in a customized approach which depends on the objectives of the particular situation. We work closely with our client to define the test scenarios. The test scenarios are tailored to test-specific policies and processes within their organization. Some organizations may have incident response procedures in place to report suspicious phone calls.
Technotism can test these procedures by making obvious attempts at gaining confidential information without proper authorization. This is an excellent way to test the effectiveness of a security awareness training program, or lay the foundation for creating an awareness program.
Three common attack vectors we have identified include:
* Phone calls to individuals within the organization. This will normally include the helpdesk and specific individuals that are identified as critical company personnel.
* Carefully crafted phishing emails targeting specific groups or individuals that would attempt to coax information from the recipient.
* A floppy drive or CD with an enticing label such as "Payroll" or "Quarter-end Preliminary Results" that is left in a hallway or restroom in specifically targeted locations. On the media will be malicious code.
Regardless of what type of social engineering testing is finally agreed upon, when we complete the testing, we will provide a detailed report about the policies that were tested, and the results of each attempt.