48% of businesses don’t use a user verification policy for password reset calls to IT service desks

Nearly half (48%) of organizations do not have a user verification policy in place for password reset calls to IT service desks, according to a new Specops Software survey, which highlights social engineering vulnerabilities among IT service help desks. The information was uncovered as part of Specops Software’s survey of more than 200 IT leaders from the private and public sectors in North America and Europe.   In addition, the survey found that 28% of the companies that do have a user verification policy in place are not satisfied with their current policy due to security and usability issues. A user verification or authentication policy is the process of verifying the identity of a user attempting to gain access to a network or computing resource.

Read full article on Security Magazine