48% of organizations don’t have a user verification policy in place for incoming calls to IT service desks, according to Specops Software. The information was uncovered as part of a survey of more than 200 IT leaders from the private and public sectors in North America and Europe. The majority of these companies rely on knowledge-based questions using static Active Directory information, such as an employee ID, a manager’s name, or even HR-based information like the employee’s date of birth or address.
Source: https://www.helpnetsecurity.com/2021/06/07/service-desks-user-verification/