ID 20/20: How Engler IT Stops Social Engineering and Protects Clients 24/7

At its core, social engineering exploits human weakness, not technical weakness. It works by tricking someone into granting access through:

A convincing phone call
A spoofed email
A fake identity
A deepfake voice
Stolen credentials
Manipulation of trust or courtesy

It’s the classic “Hi, this is Carl in accounting. I’m locked out and need a reset” scenario. In a busy office, or a growing company where people don’t know every employee personally, this can be extremely effective.

With today’s tools, attackers can:

Spoof phone numbers from your company
Clone employee voices
Use data from the dark web
Fake employee identities
Impersonate executives

The result? A devastating breach from a simple phone call.

This is exactly the threat ID 20/20 is built to stop.

Why Social Engineering Is a Serious Risk for IT Help Desks

If an MSP doesn’t verify identities properly, a single malicious request can lead to:

Unauthorized account creation
Stolen data
Deleted files
Ransomware attacks
Compliance violations
Complete network compromise

For example:

A terminated employee could call the IT help desk before HR notifies the IT department. If the help desk believes their story and grants access, the damage can be catastrophic – and the client will absolutely hold the MSP responsible.

At Engler IT, preventing this scenario is non-negotiable. That’s why every client we serve is protected by ID 20/20 24 hours a day, 7 days a week.

Why ID 20/20 Matters for Engler IT Clients

Engler IT manages critical, sensitive environments, many preparing for or maintaining CMMC compliance. That means we cannot rely on guesswork, trust, or familiarity when someone calls for support.

We must know exactly who we’re talking to.

ID 20/20 gives Engler IT a standardized, automated identity verification process that is fast, secure, and impossible for attackers to bypass without the proper credentials.

And unlike other MFA solutions, ID 20/20 is:

Easy
Fast
Non-intrusive
Zero-install for end users

No app required.
No complicated setup.
No frustration for employees.

Just clean, reliable, 24/7 protection.

Fully Integrated Support Authentication

Engler IT integrates ID 20/20 directly into our support environment to ensure that every request is legitimate before any change, reset, or access is granted.

What ID 20/20 requires:

A partial verbal identity check
A random, single-use verification code
Delivery to an email or phone number on record
Confirmation through a secure system

Because the code is generated in real time, and Engler IT has no access to the code itself, attackers cannot social engineer our technicians into giving them information or access.

ID 20/20 also integrates seamlessly with our ticketing system, automatically logging:

Successful verifications
Failed attempts
User cooperation
Process adherence

This creates a clear audit trail—a major advantage for CMMC and NIST 800-171 compliance.

How ID 20/20 Stops Social Engineering Attacks

1. Identity Verification Twice Over

First, Engler IT verifies the caller verbally.
Then, ID 20/20 requires a second verification with a randomly generated code sent directly to the user’s trusted device or inbox.

Without both steps, no changes are made. Period.

2. The Technician Never Sees the Code

This is crucial.
If a tech never sees the verification code, the attacker can’t manipulate them.

3. No Opportunity for Data Leakage

The system prevents technicians from inadvertently confirming or volunteering sensitive information.

4. Mandatory Logging for Compliance

Every verification attempt is logged – successful or not – ensuring:

Full visibility
CMMC audit readiness
Clear accountability
Zero gaps in process

5. It Overrides Human Error

Even the best technicians can be fooled.
ID 20/20 removes that risk entirely.

How Engler IT Clients Get 24/7 Coverage

Our clients benefit from ID 20/20 protection every minute of every day, including:

Late-night help desk calls
Off-hours system access
Emergency password resets
Contractor or temp worker onboarding
Executive impersonation attempts
Fraudulent access requests

If someone tries to impersonate an employee, manager, or executive, the system stops them in seconds.

No exceptions.
No workarounds.
No special treatment.

This is a foundational layer of Engler IT’s security program – and one of the many ways we keep our clients CMMC-ready and breach-resistant.

How You Can Reduce Social Engineering Risks

ID 20/20 is a powerful layer of protection, but Engler IT always recommends pairing it with:

Employee awareness training
Phishing simulations
Strict access control policies
Clear verification procedures
A culture of “trust but verify”

CMMC demands process.
ID 20/20 enforces it – 24/7.

Recent Social Engineering losses in the news:

City of Baltimore, MD (again)

Wired over $1M to an imposter, thinking they were talking to the right person over the phone – money lost forever. Full story on our website

Comcast

Forget the ransom – Comcast paid $1.5M this month in FDC fines for not properly protecting their data before their breach happened. Full story

County of Spartanburg, SC

View this letter from the county judge that explains no answer for 27 years of estate ownership documents gone from a cyber attack. Only a sad, typewriter-composed apology.