Thalès Security
The best and most important protection is training. Human factor is crucial.
There is a famous military company in France, Thalès. Their site is heavily protected, of course. They have TWO badging checkpoints.
There was a guy, a security consultant, who wanted to work with Thalès but Thalès was arrogant saying they need to help.
So one day he came in. He passed the first gate asking someone to let him in : "Excuse-me, I forgot my badge I need to go to the reception desk can you please let me in ?" Worked like a charm.
Once in-between the two gates, instead of going to the reception desk, he went straight to the waiting area, where guests visitors await to be picked up by Thalès employees. And there, he dropped a USB key with a label on it : "Salaries of Executive Committee". He just had to leave and wait until someone picked up the USB key and put in his laptop... Of course the USB key was a Trojan horse and gave him access to Thalès intranet.
That's how things happen : the weakest link is always the human link.
(Source : Duc HA DUONG. Hangout 10/01/2018)
