Enterprises with many users and complex organizations need flexible and scalable solutions.When it comes to self-service passwords for all users FastPass Enterprise Password Manager is the complete choice. Large enterprises need to offer users:
First of all the requirement is to get a self service success over 90%. Contact us for a closer look at FastPass Enterprise Password Manager for large corporations.
A typical FastPass conversion rate is between 80-95% of all password related calls, converted from the service desk to self-service transactions. As illustrated in the customer example above, Varde City Council started a FastPass project in August which resulted in an uptake of more than 80% of all password calls by November, and this covered two different password types (Windows and a mainframe password).
Covers users’ reset of forgotten or locked password through a self-service portal. It solves a numbe…
Covers users’ reset of forgotten or locked password through a self-service portal. It solves a number of business issues for companies, and is in line with modern end-users expectations of self-service when possible. The business value is based upon:
Implementation of successful password self-service is however more complicated and challenging than expected. The two major issues are:
We have talked with many companies where less than 30% of password calls were handled by self-service and more than 70% still phoned to the service desk – even when a well-functioning solution is available!!
The answer is integrating people- processes and technology.Help me choose
More info: Self-service password issues
Encompasses the strategy and implementation for password security and productivity. The fund…
Encompasses the strategy and implementation for password security and productivity.
The fundamental idea of passwords in IT is to secure the user, that he alone can access systems with his user-id. The user is made responsible for all actions carried out be his user-id, and the password is his only protection. If a company doesn’t have any passwords at all, or a very ‘soft’ password policy, then the user probably will not be made accountable; but then the company might lose substantial values due to crimes, which will be very hard to discover.
This has led to the use of very advanced password policies where users are asked to use at least 14 characters with complex structures being changed every 3.rd month at least. Faced with this complexity many users will write down the passwords on yellow stickers and then nearly all security is lost!
A good corporate password management solution will consider these practical issues and look for solutions which create real security and at the same time considers the total cost of password management and ease of use for users.Help me choose
More info: Enterprise password management
When users have many passwords to remember it is obvious that they forget more! Users might have Win…
When users have many passwords to remember it is obvious that they forget more! Users might have Windows password as the basic network password, but also daily use of SAP, IBM, Oracle or unique passwords. This will increase the risk for users writing down their password visible to others. We have seen other measure as a user told us, that he every 3 months changes all his 26 passwords to be the same value. Pretty secure but a significant extra burden!
A popular solution in some large companies is Single Sign-On (SSO). With only a single sign-on life really becomes simpler for users. The technical implementation is however often complicated and expensive. Furthermore new software releases might have serious impact on the SSO solution and carry significant extra costs.
A much simpler solution is password synchronization, where the main password (typically the Windows password) is synchronized to all the other passwords the user has. Password synchronization can technically be simple to install and operate, and can be very robust for changes to other software packages.
Synchronization is by some users being called: Simple Sign-on!!Help me choose
More info: Password synchronization
The most frequently used method for user authentication in IT applications is passwords. Passwords a…
The most frequently used method for user authentication in IT applications is passwords. Passwords are cheap and fast, and password authentications are standard for practically all modern IT systems.
It is hence of critical importance that passwords and processes are secure. IT-security departments see many threats to IT security through misuse of passwords and processes.
Some of the most common risks or challenges with passwords are:
More info: Password security and compliance
The benefits of password self-service can be grouped into: Productivity in the service desk Product…
The benefits of password self-service can be grouped into:
When in general around 30% of all calls to the service desk is password related, then there is an obvious case for productivity through self-service.
Comparing benefits and costs (implementation and operations) will often result in pay-back in less than 12 months.
Help me choose
More info: Business case for passwords
Implementing password self-service successfully depends on the processes. We have defined a best pra…
Implementing password self-service successfully depends on the processes. We have defined a best practice :”5 steps to password self-service success”.
The 5 steps are:
The process is no better than the weakest link. If you for example don’t get more than 50% users enrolled, your success rate can’t be better than 50%!!
We have developed the FastPass products to support the best practices for password self-service and make it easy for our customers to implement.
The ability to reach more than 90% self-service do however still depend on the team’s and management’s commitment to process. Please get our “Guide to 5 steps”Help me choose
More info: Best practices for password self-service
Password manager for advanced organizations
The aim for FastPass Enterprise Password Manager is to help you move more than 90% of your password calls to self-service with advanced benefits:
FastPass Password Manager has a strong authentication process before the user can reset windows password. Multiple challenge questions must be answered correctly and 2-factor secure authentication can be implemented through combination with PIN codes via SMS to the user.
All communication is secured as is the FastPass database through strong encryption.
Automatic enrollment process for users
FastPass Password Manager automatically invites all selected users to enroll to FastPass password reset software, and continues to send reminders to users until they enroll.
Users can be forced to enroll through FastPass Forced enrollment Client. This function is activated x days after first invitation if the user has not enrolled. The function is invoked as a NAG service.
FastPass Enterprise password manager is available where the user sees he has forgot the Windows password, that is at windows log-in. Through a ‘Forgotten Password’ button on the Windows log-in the user can activate a ‘dead’ PC.
For users who enter your system through the internet, FastPass is available on your internet and extranet portal! For example FastPass can be accessible from the OWA log-on.
Service desk process for forgotten passwords
No matter how well you motivate your users, some users will now and then call your service desk with a forgotten password or a locked out password for Windows. Giving them a new Windows password will only mean, that they will call you again next time they forget windows passwords. With FastPass your service desk can authenticate the user and then give them access to enroll in FastPass, where they then can serve themselves – and do so next time. This is critical for a high success rate of self-service!!
For a description of FastPass see below:
reset password for windows
The FastPass Password Management for windows password manager allows end-users to securely reset their forgotten password without calling the Service Desk to reset passwords for Windows.
Windows account Unlock
The FastPass Password Management solution allows your end-users to securely unlock their accounts without calling the help desk.
Employees are one-, two- or multi-factor authenticated using challenge/response, a one-time pin-code send to their mobile phone and/or use of a security card
The FastPass Password Management solution unlocks the account, if it has been locked by employee behavior. If it is locked by system administrators, the employees can’t unlock the account.
If you use 90 days password expiration employees are exposed to Password Expiration when they reset windows password. With FastPass employees can reset their password themselves even when a password has expired.
FastPass password reset software includes automatic discovery of users and a self-service Enrollment Service.
FastPass includes an automatic discovery service, which extracts information about new and changed employees and groups.
Employee objects on different systems are correlated automatically, by matching login IDs or other attributes to create and update employee profiles.
Login IDs on systems where it is impossible to reliably provide automatic reconciliation are stored in an "inventory" table.
Employees who will register personal information, such as authentication question-and-answer profiles, are automatically prompted to register and receive automatic reminders until they have successfully enrolled. Invitations can be sent sent by e-mail or sms/text-messages. The text in the invitation mails and reminders are defined by the customer.
The process can be improved by the Forced enrollment client, which is activated from the PC-client through commands from the administration module, controlling if the user has not enrolled yet.
Employee enrollment and administration is carried out on a secure web form. All data are encrypted using HTTPS.
Employees prove possession of accounts by typing ID/password pairs, which are validated against target systems.
Multi-factor authentication for windows password manager
FastPass password reset software offers a secure validation of users. For example, one user can be asked to authenticate with SMS PIN Code and Challenge/Response when executing a Password Reset operation where another employee can be asked to authenticate with just Challenge/ Response. User authentication is handled through specific authentication profiles that are taking care of the different scenarios the customer wants to control.
SMS/Text Pin code Authentication
The SMS PIN Code authentication method is used for authentication where FastPass will generate a PIN Code and send this to a SMS device registered as belonging to the employee and then ask the employee to write the PIN Code back in FastPass.
FastPass implements the SMS-PIN Code authentication by collecting the “mobile” attribute of an employee from AD and then uses this as target when sending a PIN Code using rules specified in the configuration. Alternatively the user can give his mobile number directly to FastPass as part of the enrollment process.
Help Desk PIN Authentication.
The Help Desk PIN Code method can be described as an authentication method whereFastPass generates a PIN Code which the Service Desk can provide to the employees either vocally or by SMS to a SMS device registered as belonging to the employee. The employee will then enter the PIN Code in FastPass.
The Password Manager solution for password reset implements the Challenge/Response authentication method in a way where the system offers a number of questions that employees can select among and give the answer to. This happens as part of the “Enroll Employee” and “Enroll Employee (Help Desk PIN)” operations. In addition to central decided questions users can define their own challenge questions.
There is a nearly unlimited configuration options available for the administrator when iplementing and maintaining the FastPass configuration.
Multi domain multi forrest and multi organization
FastPass Password Management supports large Active Directory environments including multiple organizations. Normal installations will only use 1 organization. Service Providers, Outsourcing companies can use the multi-organization feature to run their customers from one central site like a private cloud. The FastPass Cloud is based on this version.
All text available for the usesrs is available in 'local' language for the user. The language is automatically selected based on the browser, or can de selected directly by each user.
The FastPass Password Management solution currently supports the following languages:
Additional languages are easy to add and will be added on request.
We found that FastPass was the only solution in the marketplace with the capability to deliver a fully-fledged solution that we could use for all of our customers. A solution is only good once deployed and we see that the new service based on FastPass is highly popular among our customers. We tested several products in the market and found that the FastPass product stood out clearly as the best product thanks to the easy implementation, single point of management and rich feature set. FastPass supports our strategy of the very best customer experience regardless of the time of day, says Per Werngren, CEO at IDE.
"The Portuguese Parliament was looking for a self-service password reset/unlock solution. We surveyed the market, and found some expensive and complex solutions. Then we discovered FastPass, which seemed to address all our requirements. We did a pilot installation, and were very pleased by the ease of use for both the administrator and the final user interface. We were even more pleased with the low cost for such a complete product. After we acquired the product, installation was a breeze and FastPass support helped us promptly in all our issues and questions. We had the product in full production in about one week after installation and initial testing. Now our users have a simple method to unlock/reset their passwords without contacting helpdesk, at any time of day or night and from everywhere they have Internet access."
Varde City Council needed to improve service for end-users working outside normal business hours, and wanted at the same time to reduce number of calls to the internal IT department. With more than 100 password related calls each month, Varde decided for FastPass to give users self-service for passwords. Varde has two priomary passwords : Windows/AD and an extermnal password from an IBM mainframe (KMD). With FastPass users now have self-service when a password is forgotten or lost. Within less than 3 months more than 80-85% of calls are now handled by users. See the comments from Lea Dragsbæk
Sonoco realized the need to reduce Help Desk expenses and quickly identified password resets as a target call volume. Sonoco had already made a large investment in their identity and access management infrastructure and they wished to capitalize on that with minimal additional investment. Sonoco and Logic Trends collectively identified FastPass’s Password Manager product due to the low licensing cost, low maintenance effort and strong integration with the Microsoft infrastructure.
Faced with a compliancy requirement from our US parent company, we surveyed the market for a tool that would help us to come into line with section 404 of the Sarbannes-Oxley Act, which requires our users to authenticate themselves to the environment and have the ability to manage their own passwords.
Exactly 21 days before the compliance date we found FastPass Password Manager with a connector to our AS/400 environment.
IT Intergroup worked with us to get the FastPass solution in place and we were compliant a week ahead of schedule. All our users are now able to authenticate and resset passwords from a simple browser interface
In the spring 2009 Tulsa Public Schools decided to implement FastPass Password Manager from FastPassCorp. IT-manager Kirk Damron says: "We needed to reduce the load on our Help Desk from numerous calls related to forgotten passwords". With 8000 employees and teachers and increasing complexities in passwords, the ‘forgotten password’ workload was significant.
Kirk Damron adds: "We needed a solution which was easy to implement and administrate, and easy to use for the end-users. FastPass has proved to be just that!"
Installation and implementation was done in just one day, and the continued roll-out to users has been effortless.