Microsoft advice on social engineering controls
A useful guide from Microsoft explains a range of controls to reduce the threat of social engineering attacks. It's a 37-page Word document. Here's an extract from the overview:
This document is part of Microsoft's Midsize Business Security Guidance collection.
"To attack your organization, social engineering hackers exploit the credulity, laziness, good manners, or even enthusiasm of your staff. Therefore it is difficult to defend against a socially engineered attack, because the targets may not realize that they have been duped, or may prefer not to admit it to other people. The goals of a social engineering hacker—someone who tries to gain unauthorized access to your computer systems—are similar to those of any other hacker: they want your company’s money, information, or IT resources."
This document is part of Microsoft's Midsize Business Security Guidance collection.