What is Tailgating?

In everyday English, "tailgating" means following another car too closely. In IT security, the term belongs to the field of social engineering, specifically physical red teaming and physical penetration testing. The attacker's goal is to gain access to a building, room, or premises. For example, the attacker can exploit the helpfulness of an authorized employee by asking them to hold the door open so they can "quickly" come in.

The legitimate employee opens the door and the attacker simply follows them, thus slipping into an access-controlled area that they are not authorized to enter.

What are Tailgating Methods?

  1. Exploiting helpfulness
    see example above - simply following an employee through a door
  2. Forged access documents
    the attacker finds a way to copy or forge a legitimate access card
  3. Mail carrier
    the attacker disguises themselves as a mail carrier, postal worker, or delivery person to gain access
  4. Lost IDs
    pretending to have lost one's ID and requesting access through a third party

How can companies protect themselves against Tailgating?

Employees in particularly sensitive areas should receive appropriate training. There should be no exceptions - nobody should be let in quickly just because they are in a hurry or have forgotten or lost their ID. Access areas should be specially secured and have a deterrent effect - surveillance cameras, access controls, and turnstiles instead of simple doors are proven methods.
