“And they say that a hero could save us, I’m not gonna stand here and wait…” sang Nickelback back in 2002.
Do we ever picture service desk staff as heroes? Are they really going to save IT from itself (of course IT is IT’s worst enemy), or even more save IT from cyber-attacks? The truth is, that being the single point of contact for users of IT services, the service desk plays a key role in cyber resilience efforts that any organization puts in place to address this key risk area.
What is cyber resilience?
It is defined as the ability to prevent, detect and correct any impact that incidents have on the information required to do business.The Merriam-Webster dictionary defines resilience as an ability to recover from or adjust easily to misfortune or change. And in this day and age where information has gone digital, it is no longer enough to put up defenses to protect against cyber-attacks, one must realize that attacks will happen and put in detective and corrective controls as well. Just ask Mossack Fonseca, the law firm in Panama whose client data on offshore links was leaked. They will tell you what a long week this has been.
The service desk software is involved in handling queries, requests and incidents raised by users and typically the activities involve validation of the users, providing access to services and systems, and resolving or escalating incidents. And this is where opportunities and risks of cyber-attacks emerge. Authentication is one of the main characteristics of a robust cyber resilience governance framework, and if anyone calls the service desk pretending to be someone they are not, then chances are that if the service desk does not have a system of validating who is calling, then an attack can be facilitated through a password change or an access grant.
It is very important that service desk staff are trained on understanding cyber resilience as their interface with users can be turned to a vulnerability if they are untrained. They should understand the potential for a malicious individual to impersonate a user and request for an illegal service access or password change for a user account to be abused or misrepresented. So service desk staff should be able to pick up on clues about impersonation, including asking for additional identity information. An option for a password reset could include sending it to the person’s phone as a text if the user has forgotten his domain credentials hence can’s access the service management system.
The service desk can also play another important role during major cyber resilience incidents, providing status updates advising users on actions to take when there has been a virus outbreak, phishing attack or malware infection on the IT systems. Since they are the point of contact with users, they have a more trusted relationship and can be listened to quite easily regarding corrective action that needs to be taken. This capability can be extended such that service desk can also be sending out tips on cyber resilience to users including information on password management, acceptable usage, removable device safety, vulnerabilities and threats among other key information segments. These tips can be consolidated into articles which can be kept in a knowledge base and referenced by users, sometimes as key words which can trigger notifications when a user is raising a ticket.
In addition, the service desk can help foster a culture of cyber resilience among users by being an example with regard to how to handle IT systems and information in a way that promotes cyber resilience in the organization. Just by the way they interact with users and deal with their requests, the service desk team can project knowledge and wisdom in detecting and addressing cyber resilience issues raised by the users. For instance, if a user asks for an improper access request, the service desk staff can take time to educate the user and remind them of access control policies. In case of a password change request, the service desk staff can perform KYC procedures while at the same time reminding the user of the key highlights in the password control policies. This way, the organization is assured that whenever users contact the service desk, they are most likely to meet with a projection of the cyber resilience governance approach being deployed in the organization.
So is service desk the unsung heroes of the IT organization? By being equipped with the appropriate knowledge and tools (which have to be continually improving based on the ever changing cyber risks and business environment), the service desk team can be a strong contender for the best front line defense for the organization in helping and equipping users with the right accesses that will keep the organization cyber secure. It only takes the leadership of the organization to make an effort to invest in these guys and make them aware of the important role they play in safeguarding the organizations assets against internal and external threats.