Creating workflows around verifying password resets can be challenging for organizations, especially since many have shifted work due to the COVID-19 global pandemic.
With the numbers of cyberattacks against businesses exploding and compromised credentials often being the culprit, companies have to bolster security around resetting passwords on user accounts.
How can organizations bolster the security of password resets for remote workers? One security workflow might involve having manager approval before IT helpdesk technicians can change a remote worker’s password. In this way, the user’s manager is involved in the process.
Additionally, some organizations might opt to allow managers themselves the ability to change end-user passwords. How can this be configured in Active Directory? Also, is there a more seamless solution for requiring manager approval for password resets?
Why password reset security is critical
This past year has undoubtedly created many IT helpdesk staff challenges, including supporting a workforce containing mainly remote workers. One of the difficulties associated with remote employees is a security challenge surrounding password resets.
Cybercriminals are increasingly using identity attacks to compromise environments. It often provides the “path of least resistance” into an environment. If valid credentials are compromised, this is often the easiest means to attack and compromise business-critical data and systems.
images from Hacker News