Physical security tested in multiple ways.
A physical test is where a team, targets the physical aspects of a business these can include, any of the below, but are not exclusive. At WFF we understand that not everyone has the same problem, that’s why we can break down any of the below in to stages of a test.
You can simply pick and mix from the below list, finding what suits you best, the team will work with you and help you design the best test possible for your business.
Front Desk Test
Your entry and exit points are always of interest to criminals, they are normally that first place a criminal heads for when trying to gain entry to a building or office. In the past the team at WFF have gained entry to businesses by just asking to use the lavatory. These are very real threats that we all face everyday.
Your outer edge is what is in front of all bad actors. Sometimes just the way a building is constructed can cause vulnerabilities. Your access controls can also be targeted by criminals looking to gain entry to your business.
Shoulder Surfing/ Tailgating
Bad actors are always looking to gain entry to your premises, they can easily bypass cyber security by gaining access to internal systems.
Access control panels.
Criminals and bad actors often look to undermine the access controls to gain entry to a business.
Often CCTV is fitted by companies that are experts in fitting cameras and trying their best to get you the best coverage possible. WFF understands how criminals look for vulnerabilities and blind spots giving you total confidence that your CCTV is being used to the best of its
capabilities. Includes Network Test.
Locks, Alarms Bolts & Bars
This is a thorough look at locks and physical security measures. Are your Locks alarms bolts and bars up to scratch, could your locks be picked? Your alarms be silenced or even worse hacked. would they pass the criminal test?
Other techniques we may use include:
• Dumpster Diving
This where we get down and dirty, rubbish is always top of the list for any bad actors, on many occasions we find passwords and login credential in rubbish thrown out by a business.
• Social Engineering
Social engineering is an attack vector that criminals use, and one of the biggest threats we face today. ‘Hacked’ data would not be the problem that it is right now without social engineering. Because social engineering is how criminals are able to monetise the data that has been stolen during a ‘hack’. Without social engineering the data is worthless.
• In-depth Reconnaissance
An in-depth look at a business over a longer time. Looking at structure and procedures of security and everyday staff habits that may lead to variabilities. This can include an in depth look at staff behaviour and how that could undermine security processes.
SMS text Phishing, is a tactic used by criminal/bad actors to gain information from victims. WFF have an extensive range of SMS messages designed capture information from a work force.
• Mystery Worker
• Lock Picking
• RFID Cloning
More information upon request.
We observe your business, then plan an approach with you. Our team will be unknown to your staff and operate covertly. They will test a series of approaches, reporting to you at every stage.
Within two weeks of the test you will receive a report which includes documentation of the process, outcomes, risk analysis and recommendations for remediation.
Once the full report and any video/photographic documentation have been delivered, you will be in a strong position to re-evaluate your security strategy.
WFF is available to provide impartial advice on solutions to vulnerabilities which may
have been uncovered. We offer innovative and effective training courses to mitigate ongoing risks.