Requirements
Enterprise Password Management is more than just password reset by users via a WEB-browser. Make sure you understand your organization’ requirements.
The successful implementation of Enterprise Password Management and the realization of the businesscase depends on much more than end-user challenge questions. How do we get users enroled? How can we differentiate between easy and strong authentication depending on the user? Can we help users anywhere? Do we need to handle different passwords for different applications? Read more in "The Essentials of Enterprise Password Management"
The following high-level requirements are important for a successful Enterprise Password Management system:
|
. |
|
|
End-user functionality and handling
|
. |
The necessary functions for password reset / change and unlock have to be present.
The solution must be intuitive and easy to use for the user
|
|
End-user accessibility
|
. |
The user must be able to access the password application from any workstation
|
|
Enrolment process
|
. |
Successful enrolment is key for productivity improvement from password management. The aim should be more than 95% enrolled users to reduce calls to the helpdesk.
|
|
Administration of users
|
. |
Administration must be powerful and efficient to keep IT support costs down
|
|
Authentication – strong authentication
|
. |
It is vital that the organization can choose the authentication that meets the security demands. Strong authentication is a layered authentication approach relying on two or more authenticators to establish the identity of an originator or receiver of information.
|
|
Notification service
|
. |
Any attempts to misuse the Password Manager to gain access
to other users’ password must generate alerts.
|
|
Reporting
|
. |
Administrators and management need reports and action lists to manage the Password reset process. Standard reports and data transfer to HelpDesk tools are necessary.
|
|
Technical
|
. |
For large and/or complex IT-systems it is important that the Password Management System can fulfil demanding requirements for volume and availability
|
|
Software security certification
|
. |
The Software must be proved to be secure by independent verification.
|
|
Installation and Implementation
|
. |
Installation and implementation must be simple and straightforward to secure low start-up costs.
|
|
Synchronization to other target systems
|
. |
When users only have one password to remember they will be more satisfied and productive.
|
FastPassCorp has outlined the requirements for an Enterprise Password Management solution in a buyers guide. If you want a copy of 'Password Management Buyer' Guide' press here