also enables a good experience to be delivered behind-the-scenes.
It isn’t user sentiment alone that is driving evolution in the structure and support models of IT service desks. Security is a pervasive concern that influences a lot of the decision-making and strategic direction.
The IT service desk requires secure pathways to and from remote support staff whenever they are experiencing issues. This needs to be enterprise-grade and designed with security top-of-mind. On top of this, endpoint privilege management (EPM) is an increasingly valuable integration with ITSM platforms, lightening the load on the service desk by centrally delegating and managing what users can and can’t do by themselves by policy and handling any exceptions via the service desk.
In 2023 and beyond, the following is what a best-practice IT service desk looks like.
Remote access uplift
The first part of the security uplift for IT service desks is to improve the way that support staff remotely access employees’ machines to troubleshoot or perform upgrades.
The service desk can be a significant vulnerability when it comes to security. Consumer grade remote access tools and pathways are increasingly being exploited by
threat actors as backdoors into IT environments.
Choosing the right remote support software is pivotal to the productivity, security and experience of the service desk. Ideally, a remote support tool should be enterprise-grade and designed with security in mind. It should also be optimised for advanced troubleshooting processes to enable faster resolution times for issues, and integrate well with the ITSM and CRM solutions commonly used in enterprises, and particularly by service desks.
Depending on what’s in place today, a review of current remote access approaches and enabling software may be necessary to improve the security of service desk operations.
Driving change more deeply
IT service desks will be further assisted by a rethink of how much leeway and flexibility employees are given as to what they can and can’t do on their local machines with or without the direct assistance of the service desk.
This starts with the retraction of local administrator rights for users. The proliferation of these kinds of privileges has made an organisation’s security policy hard or impossible to enforce. In addition, as we’ve seen consistently in the wave of attacks