5 ways the help desk may be hurting you

By Bryan Hood, solution engineer for remote support software provider Bomgar, Network World |  Security, help desk


Image credit: ITworld/Phil Johnson

Aptly named, a company's help desk is primarily focused on resolving technology issues so the business as a whole can function successfully. Despite the best of intentions, however, help desks can put the company at risk by using legacy tools, shared passwords and incomplete security practices.

[IT offshoring still works, if you're careful and Tech blunders, drama, comedy!]

The start of a new year is a great time to examine these issues, so IT leaders can ensure their help desk is better positioned to help, and not hurt, the company in 2013. Here are five things to guard against.

[ RECOVERY: The worst IT addictions (and how to cure them) ]

* Using outdated remote access tools: As more and more employees work from remote locations, help desks are increasingly depending on remote access tools to get into and fix systems. Unfortunately, many support organizations still rely on legacy remote access tools such as RDP, VNC or Dameware to fix remote computers over the Internet, opening the company to a potential data breach in the process. 

According to Verizon's 2012 Data Breach Investigations Report, unsecure remote access tools accounted for 88% of all breaches leveraging hacking techniques. This is up from 71% in 2011 and 34% in 2010. Most help desks are working with limited budgets, but upgrading their remote access tools to a modern, secure solution is a small price to pay to protect the organization from hackers. It's time for organizations to wake up to the serious risk these legacy tools pose and make 2013 the year these attacks take a downward trajectory. [Also see: "Data breach? Blame your third party's remote access systems"]

* Sharing generic passwords: On the topic of remote access tools, some help desks use solutions that only offer named licenses. To maximize their investment, these organizations often share licenses using default logins -- Tech01, Tech02, and so on -- resulting in no record of who is accessing what systems, and what they're doing once they're in.


Originally published on Network World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness