Stop social engineering at the IT help desk

2023-11-23 09:09

Sponsored Post Ransomware can hit any organization at any time, and hackers are proving adept at social engineering techniques to gain access to sensitive data in any way they can.

Reports suggest the attack will cause an estimated US$100m hit to its revenue after the hotel and gambling firm was forced to shut down its IT systems to contain the damage after customer contact information, gender, date of birth, social security, passport and driver's license numbers were stolen.

Rather than attacking the IT systems itself, the hackers used social engineering tactics to persuade an employee to reveal sensitive user credentials over the telephone.

So how can any organization be sure that the person who is making a request for access to company systems, data and applications is actually who they say they are? Especially when pretty much anybody can so easily harvest the information they need to help them conduct a convincing impersonation from the masses of data freely available on social media?

Specops reckons it has the answer in the form of its Secure Service Desk, which uses dynamic multi factor authentication - something you know, something you have, something you are - to reduce the risk of hackers successfully using social engineering to fool staff on the help desk.

The solution offers various identity verification options, including mobile or email codes, and integration with commercial Identity Access Management tools like Duo Security, Okta and PingID. You can learn more about how Secure Service Desk authenticates and securely verifies the identity of callers to IT helpdesks and request a free trial or demo of the software here.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/11/23/stop_social_engineering_at_the/

#socialengineering