The recent MGM breach was made possible by a bad actor social engineering the help desk into providing them access. Does your organization take steps to authenticate callers to your help desk before the help desk performs any actions that may allow access (changing passwords, resetting/disabling/reconfiguring MFA etc.)  If yes, how have these methods worked out? Were they effective and did you get any pushback from users?

2.5k viewscircle icon3 Comments
Sort by:
IT Analyst2 years ago

Yes, Service Desk must call them back at their number listed in the company directory.  No user pushback.  

Chief Information Security Officer in Healthcare and Biotech2 years ago

Yes

Co-Founder in Services (non-Government)2 years ago

on a separate note, as an idea, have rules that will alert if people want to disable MFA. 

Content you might like

How have you calculated ROI of AI solutions (including agents) that you've rolled out at your firm? Are there specific KPI's that you've focused on and how have you measured (and validated) the value?

Read More Comments

When negotiating the closing of a sale, what value proposition has been the most successful for you?

UN DESCUENTO43%

CAPACITACION57%

Generative Pre-trained Transformer 3 (GPT-3) is what-

Too Much Hype24%

Amazing Engineering - Great step forward36%

Still lacking judgement23%

Too Dangerous3%

Whats is GPT-3 ? How do i learn more?12%

View Results

What advancements in artificial intelligence are anticipated for 2025?

Read More Comments

We’re currently evaluating alternative Microsoft Licensing Solution Providers (LSPs) due to ongoing dissatisfaction with our current partner under our Enterprise Agreement (EA). As we look to make a change, we’re hoping to learn from others in the community who have navigated similar transitions. We’re particularly interested in your experiences with: • LSPs that provide more than just transactional value — Have you worked with an LSP that offered strategic guidance, proactive support, or added value beyond licensing fulfillment? • Partner delays due to LSP involvement — Have you encountered inefficiencies or delays when your consulting partner had to coordinate through an LSP? How did you address this? • Hybrid approaches — Has anyone adopted a model where the LSP handles licensing while a separate consulting partner provides strategic or technical support? How has that worked in practice? Any recommendations, red flags, or lessons learned would be greatly appreciated. We’re aiming to ensure we’re getting the best support and strategic alignment possible moving forward.