A mini escape game.
Uh-oh. We have a problem.
Matthew from the IT team was fired last week but it doesn't look like his access has been revoked. He was (understandably) not happy with the firing decision and has taken some action, changing the CFO's password right before a big investor meeting.
We need your help to recover her password and download her important finance document before the meeting.
We've found Matthew's old work phone, a safe box he had in his desk and a photograph he left behind. We've got a couple of access cards that might be useful too.
Reckon you can help?
Alongside more 'technical' learning outcomes, like those listed below, our escape rooms all help to develop players' core skills. Working in groups, participants can expect to build on their teamwork, problem solving, and communication skills whilst learning something information security. It's kind of a package deal.
Poor access control can cause a whole host of problems for organisations, particularly where ex-employees are concerned.
Through discussing the causes for the escape room "incident", we can get an understanding of potential impacts of lax security controls for unused identities within our business environments.
Players should be able to identify the passwords required through the clues provided.
Conversation can be guided towards the complexity of the passwords and ways in which the information could be discovered without need for extensive research or specific tools.
Staff understanding security policies within an organisation is imperative for compliance with standards like Cyber Essentials and ISO 27001.
Through playing the escape room, you can start discussions with participants about what policies the company could have implemented to support better outcomes.