Maybe you’re not aware, but the help desk is often regarded as one of the easiest ways into your networks.
Security experts often refer to help desks as a companies’ biggest security vulnerability because the majority of help desk technicians are poorly trained to identify social engineering attacks. They are simply doing what they’ve been trained to do—help resolve your users’ issues. More often than you’d like to imagine, a help desk agent has been the target for malicious phishing campaigns.
Why a help desk technician and not someone in accounting or HR—someone that might have easy access to protected data?
Because a help desk technician likely has access to ALL of your users’ data. They can remotely access your computers—in an effort to help resolve computer headaches. But have you ever given second thought to this scenario: what if someone phishing for your business data or information called into your help desk? Would the technician willingly help the person at face value? Would they make you go through several hoops to prove you’re who you say you are?
Nearly 20% of help desk workers phished by their employers FAILED to protect company data when prompted access to specific user machines.
And what’s worse is that nearly 70% of help desks fail to monitor their technicians—to track call logs, keep record of authentication changes. Many help desks are ill-informed on recent system upgrades. And the majority of help desks have little infrastructure to effectively evaluate where a breach would have occurred—because they lack proper documentation processes.
Today, I want to talk about some basic security measures your help desk NEEDS to have in place to avoid getting your business tangled up in a big breach down the road.
Log help desk calls—if you aren’t keeping track of help desk calls, you will have no clue when a caller is prying for information and no way to go back to assess how a help desk call could have contributed to your breach. Help desk calls should be monitored not only for security issues, but also to provide feedback to your help desk team as to how to handle calls. Note: social engineers will try many tricks—yelling, crying, persuasion—to break your technician. Seeing where your team is vulnerable is key to making sure they won’t crack under pressure—or at very least, to evaluate whether your technicians are following your documented process on call handling.
Use phones designed for call centers—having professional equipment helps the technician easily record their calls and play back customer interactions after the call ended. If the technician had fallen to social engineering, having the right phone system may help staff fix the security issue before it grows into an uncontrolled breach.
Communicate Help Desks’ Role in Updates—effective and continual communication with your help desk team ensures they are aware of possible user issues before someone calls in. If your help desk is informed of changes made to your system, they can better anticipate how to help users and better-equipped to identify scams.
Call Them Back—when users call in and ask for network credentials, changes in permissions or even changes to their own passwords, a good practice is to call them back on a documented line to ensure your technician is in fact talking to the right person. Having caller ID on your system may be insufficient, as scammers are smart and may mask their phone number.
Document Suspicious Activity—this may seem like common-sense, but many help desks fail to record suspicious calls because they lack a documentation process that makes sure that ALL calls are recorded and tracked.
Evaluate Technician Performance—help desk managers should be constantly and vigilantly checking technician performance. They should monitor calls and provide timely feedback. Managers are normally more experienced than technicians and add an additional layer of security to prevent social engineering. You should expect your help desk to be monitored for quality assurance by an experienced manager that understands both
You might expect your technicians to know better—be able to recognize a user from a fraud, but without processes in place, you would be surprised to find technicians verifying user identity before granting them card-blanch access to your most vulnerable data. You NEED SAFE expert help desk support.
Can you wait until your help desk gets phished and your corporate data gets breached before taking action to shore up your help desk security? Contact us TODAY for a help desk security assessment.