Specops Secure Service Desk Now Supports Entra ID, On-Prem and Hybrid Customers : @VMblog

Article

Search:

Follow VMblog.com:

Improve end user experience in VDI, DaaS and physical endpoint environments

Specops Secure Service Desk Now Supports Entra ID, On-Prem and Hybrid Customers

Specops Software, an Outpost24 company and leading provider of password and identity management solutions, has announced that its Specops Secure Service Desk for Cloud now supports native Entra ID, including on-premises and hybrid, enabling cloud-based organizations to verify the identity of callers to the service desk using stronger authentication methods that minimize the risk for user impersonation. Currently Microsoft does not offer built-in identity verification for users contacting the service desk. Specops Secure Service Desk solves this problem by verifying users when they contact the service desk, now including cloud-only environments.

"Cybercriminals have significantly stepped up their game in targeting service desks to gain access to corporate networks leading to loss of revenue and erosion of brand loyalty and reputation," said Omri Kletter, Chief Product Officer at Outpost24. "That's why it is more critical than ever that all organizations, whether cloud, hybrid, or on-prem-based, arm themselves with the most powerful tools to protect against these kinds of attacks."

In recent months, many high-profile organizations, including British retailer Marks and Spencers (M&S), have been targeted in sophisticated social engineering attacks that specifically target service desk agents. The "Scattered Spider" threat group, thought to be behind the attack on M&S, as well as the 2023 MGM Resorts hack, has repeatedly demonstrated that the service desk is a prime social engineering target that can cause a lot of disruption for organizations. The M&S attack, for example, is thought to have led to an estimated $402 million profit hit for the retailer, with some customer data stolen. As a result, the UK's National Cyber Security Centre has specifically urged organizations to review and harden their help-desk password reset workflows to stop similar manipulations before they can escalate into full-blown ransomware or extortion events, with other government cyber organizations globally likely to follow suit.

Verifying the identity of callers to the service desk is just as critical for cloud-only customers as it is for on-prem organizations. An organization's service desk agents need reliable tools to verify the ID of callers, for the following reasons:

Remote and hybrid working drives increased call volumes: If users are still calling the service desk with problems, service desk agents are at risk of social engineering.
Digital transformation adoption outpaces user training: Fighting against sophisticated and quickly evolving social engineering tactics is a complex task if service desk agents are not supported with the right tools.
Service desks are an easier avenue of attack than passwords: Threat actors know it's easier to attack the service desk than crack strong passwords or bypass MFA - this attack route won't disappear.
Evolving tactics aided by artificial intelligence (AI): Deepfakes and social media reconnaissance can render traditional verification methods ineffective.

Published Wednesday, June 04, 2025 3:33 PM by David Marshall

Filed under: General News

Get This Featured White Paper: The Hidden Dangers of Legacy PAM

You may also be interested in this white paper: How to Sell Disaster Recovery to Senior Management

Comments

There are no comments for this post.

To post a comment, you must be a registered user. Registration is free and easy! Sign up now!