IT service desks have become a security liability

When remote employees want to reset their passwords, they escalate the problem via email or give their IT service desk a call. But what if a hacker posing as an employee gets in contact?

Security best practice would dictate that the IT team verify the identity of the sender, but according to research from Specops Software, this is something just half of organizations do. The other half (48 percent) don’t have a user verification policy set up for incoming calls to IT service desks.

Source link