Letting your employees have a sneaky fag outside the building could let hackers sneak in, according to security experts.
As a total ban on smoking in the workplace fast approaches, one company warned that this could literally provide a back door for hackers to gain access to corporate networks.
Tests carried out by penetration testing company NTA Monitor, found that some of its testers were able to gain access to a company network literally through a back door as they spotted workers crowded outside the rear of an office having a cigarette.
The tester simply walked through the door and then asked an employee to take them to a meeting room claiming that the IT department had sent them there. According to the company, the person had not got a pass and was easily able to connect his laptop to a VoIP network through a telephone point.
"It used to be that companies 'left the back door open' in terms of internet security, now they are literally leaving their buildings open to accommodate smokers," said Roy Hills, technical director at NTA Monitor. "We are experiencing a surge in demand for social engineering tests as hackers are turning to social techniques to infiltrate corporate networks."
Hills said that this social engineering test proved that once inside a corporate building, an attacker can use social methods on employees to gain access to restricted areas and information if a rigid staff pass system is not in place.
