Strong password encryption in appliance configuration files is your last line of defense, but it should by no means be overlooked. As to social engineering attacks, you should be familiar with a few peculiarities when the target of an attack is a network appliance rather than a user workstation.
While the whole IT infrastructure should be protected from social engineering, remember that, Cisco-wise, your gateways and remote access servers/VPN concentrators are most vulnerable to this type of attack, especially if they are installed and/or managed by a third party, such as the ISP. As you can see from the last part of this chapter, an attacker who manages to sneak in and approach the device with a console cable is very difficult to defend against and has a great chance of success. Beware of this threat and stop anyone from hanging around the racks in the computer room without a sound reason, even if the person is an internal employee.