SECURITY CHECK-IT: STEP 15
The Service Desk
Today, let’s talk about the IT Service Desk, the central point of contact for employees who want to have their IT problems solved quickly and correctly. If a Service Desk runs properly and proactively, it ensures more productivity and lower costs for the company.
However, hackers have to spoil the fun again, because they actively focus on IT Service Providers and their customers. For example, they try to hack the provider’s remote management tools, or pretend to be a helpful member of the Managed Service Provider (MSP).
It is therefore crucial that MSPs use leading remote management software, preferably from vendors that include privileged access management. We, MSPs, must use pre-installed tools as standard and refrain from ad hoc support tools (such as LogMeIn Rescue / Splashtop SOS / Teamviewer) that can be run from the public internet. Why? Because these ad hoc tools are also available for hackers posing as the MSP.
Privileged Access Management
For your security, we implement a Privileged Access Management or PAM solution, which ensures that critical data within the organisation is secured, controlled, managed and monitored. Through this solution, our Tyneso Service Desk staff can access your environment without knowing or seeing the passwords. The passwords are injected directly into the remote session. An effective Privileged Access Management solution keeps these passwords in a secure location, where only active administrators can use them and use them only once. This prevents former administrators within the organisation, such as former employees, from being able to manage, access or change data.
For end users, it is crucial that they have a well-defined support process that is easy to use and that it is adopted into today’s workflow. That’s why we defined how we wanted to get support from our suppliers and set up a service flow that provides maximum security and ease of use for end users.
Always at your service
To ensure your security, we install a remote management and monitoring agent on every device under our control. Users are taught that this is the only way they can remotely access their PC, blocking phishing attempts by hackers.
If the customer does not have access to his phone or the internet, you can also make a classic call to the helpdesk. Tyneso will always redirect you to the SSL-supported Tyneso support page, which places a secure layer between the server and the internet browser. As an end user, be vigilant and never rely on remote support from another party.
Through our secure tool, other suppliers get time-based access from Tyneso to the specific server in your environment via PAM, which we mentioned earlier in this blog post. This is a better and more secure way than giving full VPN access to parties who only need access to, for example, a video surveillance server.
Do you have any more questions? We will be pleased to help you! Send an email to firstname.lastname@example.org and we will contact you as soon as possible!