Are your corporate accounts secure?
Probably not! Even when your organization has strong password policies with 10 characters of different types and change every 3 months, you might risk that someone successfully tries to get a password to your account!
According to a survey by the Service Desk International (SDI), 35% of organizations have no process for authentication for password reset in the service desk! Of the remaining 65% the authentication can in many situations be too limited to prevent a direct attack on an account.
We find it very surprising that the manual password reset process is unmanaged at a time where IT-security investments in general are very high. We have however often met CIOs who admit that persons with the will to get a password for another person’s account probably can pass, - even if the service desk attempts to try a personal authentication.
For the 65% of organizations with authentication, it's often based on information available in the IT-system like employee-number, name of your boss, your present address. Although the majority of people will not be able to answer correctly –still a user with a purpose can get this information in advance!
If you want to get a compliant password reset process covering as well self-service, as the assisted password reset process feel free to contact us to learn more about FastPass Password Compliance Management
Nieuws & evenementen
Learn all about Enterprise Service Management
Roundtable Enterprise Service Management 24 June 2019
Join us at 4me Connect 2019! Buy your tickets now!
4me named Rising Star by ISG!
4me Connect 2019 is coming soon!