MGM Post Mortem Best Practices: How does your org verify a user's identity if they call helpdesk for password resets? | allinfosecnews.com

Sept. 22, 2023, 8:43 p.m. | /u/jasonmontauk

cybersecurity www.reddit.com

Friendly sysadmin here...I'm asking for some ideas for ways to verify the ID of a user who may call into helpdesk for a password reset/account unlock. Being that it took a simple call to MGM's helpdesk to bring down their entire org, I thought it would be a great idea to open up a forum to share some best practices and clever ways to verify an user's true identity.

My org was brainstorming on this, but the best we could …

account asking best practices call cybersecurity down helpdesk ideas identity may mgm org password password reset post mortem practices reset simple sysadmin unlock verify

More from www.reddit.com / cybersecurity

Cisco reveals zero-day attacks used by hackers to attack government networks in major threat campaign 4 hours ago | www.reddit.com

attack attacks campaign cisco +7

Any Fortune 100 company go all in on Microsoft E5 Security Suite? 14 hours ago | www.reddit.com

all in cybersecurity defender defenders +12

Blueteam Certification like cybersecurity engineers 15 hours ago | www.reddit.com

architect blueteam certification certifications +12

Fake job interviews target developers with new Python backdoor 18 hours ago | www.reddit.com

backdoor cybersecurity developers fake +7

Passkeys: A Shattered Dream 19 hours ago | www.reddit.com

cybersecurity dream passkeys

Cyberattack Gold: SBOMs Offer an Easy Census of Vulnerable Software 19 hours ago | www.reddit.com

census cyberattack cybersecurity easy +4

Ukraine's military intelligence launches cyberattack against United Russia party 19 hours ago | www.reddit.com

cyberattack cybersecurity intelligence military +4

The XZ Utils Backdoor explained - Columbia University Lecture 21 hours ago | www.reddit.com

Cybersecurity for Government 22 hours ago | www.reddit.com

budget corporate cybersecurity goals +8

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Principal Security Analyst - Threat Labs (Position located in India) (Remote)

@ KnowBe4, Inc. | Kochi, India

View on infosec-jobs.com

Cyber Security - Cloud Security and Security Architecture - Manager - Multiple Positions - 1500860

@ EY | Dallas, TX, US, 75219

View on infosec-jobs.com

Enterprise Security Architect (Intermediate)

@ Federal Reserve System | Remote - Virginia

View on infosec-jobs.com

Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Associate -- Dallas

@ Goldman Sachs | Dallas, Texas, United States

View on infosec-jobs.com

Vulnerability Management Team Lead - North Central region (Remote)

@ GuidePoint Security LLC | Remote in the United States

View on infosec-jobs.com