The IT help desk and IT security are intertwined, and how you run your help desk can make a positive difference in the IT security of your organization.
“I’ll type in Mommy’s PIN and we’ll see if we can’t make my Mattel stock a little more valuable.”
IT help desks often assist users in addressing issues like connectivity and passwords, and yet help desk employee performance is often measured in terms of how quickly they resolve issues. In the rush to improve resolution times, security may become less of a priority, and sometimes help desks become unintended gateways for those with malicious intent.
Most IT help desks only use basic personal information in verifying caller identity, like name and employee ID number. Bad guys can get this information fairly easily in some organizations and use it to gain access to IT resources. Here are some ways to ensure the help desk doesn’t fall down on the job when it comes to IT security.
Flag Certain Help Tickets
When a new help desk ticket is logged, it’s a good idea to have a field indicating the potential for a security risk. For example, if the IT service desk is unable to verify the identity of someone accessing the service desk by phone, a box could be ticked to indicate this. Tickets could also be flagged during the resolution process. Suppose a service desk worker is interacting with an end user and notices that the end user has not installed a security patch in some software he uses. If the end user fails to install the patch or refuses to for some reason, the ticket could be flagged.
IT service desk workers could also flag calls that “feel” wrong, like when a caller avoids authentication and persists with questions about the network, or tries to pressure the service desk worker to let a security violation slide “just this once.” When any of these flags are checked, the IT security point of contact could be automatically sent an alert so that she can review the information and, if necessary, audit the end user’s activity.
Set Appropriate Levels of Authentication
Determining the right level of end user authentication for your organization can be tricky. If it’s too flimsy, the service desk can be exploited. Yet, if you ask for an unreasonably stringent level of authentication, employees will avoid the IT service desk and its relationship with end users can deteriorate. Different levels of authentication can be established, for example, for remote users versus requests made by people on-site calling from internal numbers or submitting tickets from the internal network.
You don’t have to get carried away, however.
Use Good Asset Management Software
Great IT asset management software can be a strong ally in IT security. This software collects information about the machines that end users access every day, including what software is installed, whether their various security patches and upgrade are current, and whether end users take their laptops with them on travel. Using asset management reports, the IT service desk can determine if there’s a difference between the records of an end user’s hardware/software and software and what they state in their help request. If the person submitting the request doesn’t give accurate information, the ticket can be flagged for further security verification.
IT help desk best practices for being an integral part of overall IT security include automation and self-service options for common end user problems (like password resets that can automatically flag things like multiple password tries and lockouts). Continuing training for help desk workers and all other employees on IT security and how to spot potential threats keeps the importance of IT security in the forefront of everyone’s minds. Use of robust authentication measures through help desk software can help ensure that nefarious people aren’t able to slip through due to security oversights.