Stop social engineering against your service desk

with FastPass Identity Verification

Hackers impersonates real users to get a password from the service desk

FastPass IVM controls the supporters verification of the users’ identity through a dynamic and secure workflow.

Perfect for identity verification for password reset

Dynamic and contextual data from the user’s workstation and environment is used

The workflow will dynamical adapt to the users’ security profile

Information from many resources including Active Directory and external data is included

Comprehensive compliance reporting available plus SIEM integration

Remove privileged passwords from service desk supporters

FastPass IVM for password resets for AD, SAP, Oracle, IBM, LDAP and external WEB-services

Hackers use social engineering methods to con the service desk supporters to issue passwords for real users.

Hackers can’t fool FastPass Identity Verification Manager to trust anything but facts. Give control to FastPass and stop the hackers!

FastPass Identity Verification Manager (IVM) prevents voice-based hacking = vishing.

IVM controls the entire verification process, instructing the service desk supporter what questions and tests to do depending on the user’s security profile. IVM can be implemented fast based on FastPass templates.

THE IVM PROCESS

When a user calls the service desk to get a password reset then the service desk supporter uses IVM to verify the identity of the caller. A standard process can include:
IVC-Process-Graphic-3

For each correct or trustworthy answer, IVM credits point to the call. When enough points have been reached, then IVM will release a new password, to be passed on to the user.

All information related to the verification will be logged for monitoring and analysis. All details can be configured individually for the verification steps to fit the organisation’s data and infrastructure and security policies.

 

IVM FEATURES

Management-approved process

IVM can be configured individually to the organization’s security requirements

Delivering passwords to the user

Can be delivered over the phone or to the user via SMS or private e-mail

Different verification processes for different groups

IVM can provide an unlimited number of different processes linked to user groups

Monitoring

Every step of the process is logged and available for monitoring and reporting

Verification options

IVM can use many different tests to verify the identity of the person such as secret personal information, company information, contextual & dynamic info, tokens & more

Integration to ITSM tools

 IVM can be integrated into most modern ITSM tools, so the service desk agent sees IVM as a natural, integrated part of the different services they provide to users

DOWNLOAD FULL PRODUCT SHEET

IVM IMPLEMENTATION

To achieve rapid results, IVM is delivered with templates that can be used as basic processes immediately. They correspond to a simple process, an average process, and a heavily secure process.

The templates can then gradually be altered or new ones can be added, as the service desk and IT security agrees that adjustments need to be made.

This means that IVM can be installed and implemented very quickly.
IVC-Screenshot

The FastPass Identity Verification Manager suite currently covers
  • FastPass Self-Service Password Reset (SSPR)
  • FastPass Identity Verification Manager (IVM)

IVM benefits from the data and components of SSPR, so we recommend a combined solution.

IVM increases security and reduces the risks of social engineering, while SSPR delivers productivity and efficiency for both users and the service desk.

The combination of SSPR and IVM is a security solution with a strong business case.

IVM FUNCTIONAL DETAILS

IVM controls the verification process – the service desk supporter assists IVM. This is crucial to prevent skilled hackers with good social engineering techniques take control via the supporter. See table below.

IVM-Table

Verify if John Doe is legit

The critical part of the password reset process is identity verification.

How can the service desk agent confirm that it is the legitimate user? This task is taken over by Identity Verification Manager - IVM.

which will control what actions to take and decide when the verification is OK, based on specific knowledge about each user.

ART-of-deception-img
ART-of-deception-quote

If we want to take human error out of the identity verification equation, we must have an IT workflow controlling the agent. The process must be designed according to security specifications from IT security. There should be different processes for user groups with different security profiles. The tests must include many different items: data, tokens, and even manager approval, where needed.

The password reset process at the service desk can be an excellent gateway for hackers to breach IT systems.

Learn more about how IVM can help your organization

Get in touch with us today by filling up the form and our team will get back to you as soon as possible.

Scroll to Top