For research into the security policy of organizations, students of the University of Twente thirty staff loaned laptops stolen. A candidate made for the research, a system with security scenarios could.
UT researcher Trajce Dimkov loaned thirty laptops to randomly selected employees of the University of Twente, under the pretext that he wanted to examine. He instructed the chosen ones their system is always fixed to the chains to the desk, the rooms to lock when leaving, and the notebooks of a password. Then spoke Dimkov with some students that they were going to try the laptops to steal. The security of the academic institution was informed to avoid any misunderstanding.
The students succeeded with sixty attempts quite easy to find thirty laptops to steal, writes the university. “People forgot, for example, to lock the doors. Sometimes concocted the students a good excuse, after which the maid or concierge, the door they opened,” says Dimkov. Also be successful the students to have access to the notebooks to obtain by itself for doing as engineers. “People tend to service and smooth words are sometimes hard to understand,” says the doctoral candidate about the use of social engineering techniques.
On the basis of the results of the research, developed Dimkov a system that gives you insight on what ways in an organization, the notebooks can be stolen. The prototype model should be fed with data as a map, information about employees, security, and locks. Algorithms connect the information and the model will end up with scenarios that any ‘holes’ in the security to uncover.
Trajce Dimkov works at the department of Distributed and Embedded Security of the research institute CTIT. He was promoted on 23 February at the University of Twente.
