Dark Reading is part of the Informa Tech Division of Informa PLC


Endpoint

7/17/2013
03:33 PM
Dark Reading
Products and Releases

Weak Help Desk Security Traced To Lack Of Training, Loose Processes And Too Much 'Helpfulness'

RSA announces new report by the SANS Institute spotlighting the threats and privacy issues facing help desks

BEDFORD, MASS, JULY 17, 2013 - RSA, The Security Division of EMC (NYSE: EMC), today announced the findings of a new report by the SANS Institute spotlighting the threats and privacy issues facing help desks today. Surveying more than 900 IT professionals worldwide, the SANS 2013 Help Desk Security and Privacy Survey identifies the most common help desk vulnerabilities and offers guidance designed to help organizations address these critical issues. The survey reports on organizations' help desk processes, procedures and personnel behaviors that have potential implications for enterprise security.

Help desks are most commonly asked to assist users in addressing common IT problems including password resets and application and connectivity issues. Often the performance of help desk employees is measured by how quickly they can serve callers and resolve the issue. Unfortunately, in many cases, security does not play a major role in the process and as a result, help desks have become an unintended entry point for hackers and malicious insiders attempting to gain access to sensitive enterprise resources.

Most respondents (69%) identify social engineering as the biggest threat to help desk security. Yet a majority of organizations still use basic personal information, including name/location and employee ID number, to verify the identities of callers into the help desk -- information that can be easily sourced by an imposter. Furthermore, many help desk employees will bypass security controls in an effort to be more helpful to the caller.

In addition to the human component, lack of training, tools and technology also plays a key role in overall help desk security. More than 51% of respondents say they have a moderate approach to help desk security as part of their overall corporate security controls, but are not necessarily focusing on training or additional technologies for day-to-day activities. With most budgets determined by the number of users serviced, rather than cost per call or even cost of potential security breaches, establishing a return on investment (ROI) for new processes, additional training, and tools for daily support can be extremely difficult. Additional findings include:

· 44% of respondents ranked verification of call-in users as a much greater threat than verification of self-service users (11%).

· Only 10% of respondents ranked their security practices for the help desk as robust.

· Nearly 43% of respondents do not take the cost of a security incident into account when establishing their help desk budget; rather, help desk budgets are determined by the number of users.

The help desk continues to be the preferred method for employees to resolve basic IT issues. Its very charter is to better serve users and, as a result, help desk staff can hold excessive privileges, making it an attractive target for social engineers and technical hackers attempting to gain entry into networks. In order to close the gap on help desk vulnerabilities, organizations need to re-think their approach to meet the convenience demands of users while protecting against threats. Recommended best practices include:

· Automation and self-service options for common user issues including password resets to help reduce errors and vulnerabilities that lead to successful breaches and data theft

· Robust and continuous training for help desk personnel to learn how to spot and react to potential social engineering attacks

· Advanced tools that leverage dynamic data sources and new authentication methods to more accurately identify users and their location
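The verification gap the survey describes, static caller details used as the only proof of identity, is what the third recommendation above is aimed at. The following added example is not from the report, RSA or SANS; it is an illustration written for this page. It models a help desk password-reset check in Python in which name, location and employee ID only unlock a single-use code delivered to the contact already on file, with an expiry, a lockout after repeated wrong entries, and one audit line per step. The directory entry, the thresholds (three attempts, five-minute validity) and all function and field names are assumptions.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample directory entry (placeholder data, not a real employee).
DIRECTORY = {
    "e1042": {"name": "Alice Example", "location": "Bedford", "contact": "phone_on_file"},
}

MAX_ATTEMPTS = 3        # assumed policy: lock the code after three wrong entries
OTP_TTL_SECONDS = 300   # assumed policy: a code is valid for five minutes


@dataclass
class VerificationSession:
    """State for one help desk call. The agent never sees the code itself."""
    employee_id: str
    knowledge_ok: bool = False
    otp_ok: bool = False
    otp_hash: Optional[bytes] = None
    otp_expires: float = 0.0
    attempts: int = 0
    log: List[str] = field(default_factory=list)


def _hash_code(code: str) -> bytes:
    return hashlib.sha256(code.encode()).digest()


def knowledge_check(s: VerificationSession, name: str, location: str) -> bool:
    """Static identifiers (name, location, employee ID) can be sourced by an
    impostor, so passing this step only unlocks the out-of-band step."""
    rec = DIRECTORY.get(s.employee_id)
    s.knowledge_ok = (
        rec is not None
        and rec["name"].casefold() == name.casefold()
        and rec["location"].casefold() == location.casefold()
    )
    s.log.append(f"knowledge_check employee={s.employee_id} "
                 f"result={'pass' if s.knowledge_ok else 'fail'}")
    return s.knowledge_ok


def issue_otp(s: VerificationSession, now: Optional[float] = None) -> str:
    """Generate a single-use code to deliver via the contact already on file,
    never via a number or address the caller supplies during the call."""
    if not s.knowledge_ok:
        s.log.append(f"otp_refused employee={s.employee_id} reason=knowledge_check_not_passed")
        raise PermissionError("knowledge check must pass before a code is issued")
    now = time.time() if now is None else now
    code = f"{secrets.randbelow(10**6):06d}"
    s.otp_hash = _hash_code(code)           # keep only the hash, not the code
    s.otp_expires = now + OTP_TTL_SECONDS
    s.attempts = 0
    s.log.append(f"otp_issued employee={s.employee_id} "
                 f"channel={DIRECTORY[s.employee_id]['contact']}")
    return code   # the return value stands in for the hand-off to an SMS/voice gateway


def verify_otp(s: VerificationSession, code: str, now: Optional[float] = None) -> bool:
    """Check the code the caller reads back: expiry, lockout, constant-time
    comparison, and single use so a code cannot be replayed."""
    now = time.time() if now is None else now
    if s.otp_hash is None or now > s.otp_expires:
        s.log.append(f"otp_verify employee={s.employee_id} result=fail reason=expired_or_missing")
        return False
    if s.attempts >= MAX_ATTEMPTS:
        s.log.append(f"otp_verify employee={s.employee_id} result=fail reason=locked")
        return False
    s.attempts += 1
    ok = hmac.compare_digest(_hash_code(code), s.otp_hash)
    s.log.append(f"otp_verify employee={s.employee_id} "
                 f"result={'pass' if ok else 'fail'} attempt={s.attempts}")
    if ok:
        s.otp_ok = True
        s.otp_hash = None   # consume the code
    return ok


def reset_allowed(s: VerificationSession) -> bool:
    """The reset proceeds only when both steps passed in this session."""
    return s.knowledge_ok and s.otp_ok
```

The point of the structure is that an agent who knows a caller's name, location and employee ID still cannot authorize the reset on that basis alone, and the per-step log lines give the security team something to review when a reset later turns out to have been fraudulent.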

RSA EXECUTIVE QUOTES:

Sam Curry, Chief Technologist, RSA, The Security Division of EMC

"In many instances the help desk is the first line of defense against breaches and securing it should be as important as any other business-critical function. The new help desk needs to strike a balance of enhanced security and end-user convenience that integrates security directly into the process by adding technologies for automation and enterprise-level authentication, and continuous training to mitigate human error."

FEATURED RESOURCES:

· SANS 2013 Help Desk Security and Privacy Survey

· Webcast: Securing Help Desks: A SANS Survey

· White Paper: Social Engineering and Cyber Attacks: The Psychology of Deception

ABOUT RSA

RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and Fraud Protection with industry leading GRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.EMC.com/RSA.
