As one of the final steps in our SOC 2 Security Audit renewal last week, auditors posing as clients called Safety Net to request immediate access to administrator-level passwords. Our team had no prior notice this penetration test was going to be happening. In Kevin’s words, “Our team performed like battle-hardened veterans!”
They stuck to their guns and followed security processes, even though at least one of the callers was insistent that he was that an executive. The technician still politely said he had to handle the request according to our security policy. Staff members (including non-technical staff) were also hit with many email phishing attempts, some of them looking very legit, and didn’t click on any of them.
Proof positive that IT security processes and training work! Our Your Net managed clients have this training available for their staff, and many have taken advantage in order to reduce the risk of a hacker or other criminal gaining access to their business.
For more information about IT security contact us.