IDC has published a White paper on secure password processes. It argues for the benefits of self-service of passwords for compliance. But it is equally important to make the complete process compliant and secure through the assisted process!
The assisted password reset process is in almost all organizations a weak link for security. The risk that a hostile person can get access to another user’s account is simply too high! IDC refers to several studies documenting the fact that most organizations don’t have secure processes in place. According to the Danish Data Protection Agency the only way to make a secure assisted process is a 2-person process:
Our experience from hundreds of meetings with IT departments is that this process is only very rarely in place.
IDC furthermore clearly identifies that GDPR (the European General Data Protection Regulation) demands that the authentication process is secure and safe, to avoid data breaches. This necessitates that the complete password process is protected, both self-service and assisted service.
IDC recommends that organizations consider software solutions to make the assisted process secure and to be able to monitor the process.
Get your copy of the IDC report here: IDC Technology Spotlight Password Management and GDPR Compliance: Lowering Risk Through State-of-the-Art Assisted Password Reset
A primary concern for enterprise password management is the end-users. The fact is that the user is responsible for the actions of his user-id on the IT systems. The password is his protection and security. Many users don’t understand this and consider passwords to be a waste of time, and hence don’t protect them very well.
A first step in any enterprise password management plan must be motivation and communication to users that passwords are their protection, to avoid being made responsible for others’ actions.
A way to make users more positive is then to give them simple tools to reset passwords if they forget them or are locked out. Then they don’t have to write the passwords on sticky notes put in front of their PCs.
More info: Password reset process
The purpose of password policies is to make it difficult for intruders to catch or guess a password. It is well known that longer and complex passwords are more difficult to crack than short passwords. Likewise, it is more difficult to shoulder-surf the entry of complex passwords than of simple passwords.
Complex passwords are, however, not popular with users, as they are much more complicated to remember and might cause users to write the passwords down, and in this way defeat the purpose of passwords.
When you combine complex passwords with password self-service it becomes acceptable for users to reset a password when they don’t have to tell. In this way password self-service can be the tool to get acceptance for the secure complex password policies.
More info: Password security and compliance
It is agreed that IT security policies must control who can access specific information. To enforce such a policy it is important that the IT system and processes are secure, and that users are correctly identified and authorized. Passwords are still the primary key for authentication! It is therefore essential that passwords effectively secure the authentication of the correct person. This of course has to be done at the lowest possible total cost!
Instead of building costly control structures, the use of password self-service can at the same time give improvements in IT security and reduce costs.
More info: Best practices for password self-service
We found that FastPass was the only solution in the marketplace with the capability to deliver a fully-fledged solution that we could use for all of our customers. A solution is only good once deployed and we see that the new service based on FastPass is highly popular among our customers. We tested several products in the market and found that the FastPass product stood out clearly as the best product thanks to the easy implementation, single point of management and rich feature set. FastPass supports our strategy of the very best customer experience regardless of the time of day, says Per Werngren, CEO at IDE.
"The Portuguese Parliament was looking for a self-service password reset/unlock solution. We surveyed the market, and found some expensive and complex solutions. Then we discovered FastPass, which seemed to address all our requirements. We did a pilot installation, and were very pleased by the ease of use for both the administrator and the final user interface. We were even more pleased with the low cost for such a complete product. After we acquired the product, installation was a breeze and FastPass support helped us promptly in all our issues and questions. We had the product in full production in about one week after installation and initial testing. Now our users have a simple method to unlock/reset their passwords without contacting helpdesk, at any time of day or night and from everywhere they have Internet access."
Varde City Council needed to improve service for end-users working outside normal business hours, and wanted at the same time to reduce the number of calls to the internal IT department. With more than 100 password-related calls each month, Varde decided on FastPass to give users self-service for passwords. Varde has two primary passwords: Windows/AD and an external password from an IBM mainframe (KMD). With FastPass users now have self-service when a password is forgotten or lost. Within less than 3 months more than 80-85% of calls are now handled by users. See the comments from Lea Dragsbæk
Sonoco realized the need to reduce Help Desk expenses and quickly identified password resets as a target call volume. Sonoco had already made a large investment in their identity and access management infrastructure and they wished to capitalize on that with minimal additional investment. Sonoco and Logic Trends collectively identified FastPass’s Password Manager product due to the low licensing cost, low maintenance effort and strong integration with the Microsoft infrastructure.
Faced with a compliancy requirement from our US parent company, we surveyed the market for a tool that would help us to come into line with section 404 of the Sarbanes-Oxley Act, which requires our users to authenticate themselves to the environment and have the ability to manage their own passwords.
Exactly 21 days before the compliance date we found FastPass Password Manager with a connector to our AS/400 environment.
IT Intergroup worked with us to get the FastPass solution in place and we were compliant a week ahead of schedule. All our users are now able to authenticate and reset passwords from a simple browser interface.
In the spring of 2009 Tulsa Public Schools decided to implement FastPass Password Manager from FastPassCorp. IT-manager Kirk Damron says: "We needed to reduce the load on our Help Desk from numerous calls related to forgotten passwords". With 8000 employees and teachers and increasing complexities in passwords, the ‘forgotten password’ workload was significant.
Kirk Damron adds: "We needed a solution which was easy to implement and administrate, and easy to use for the end-users. FastPass has proved to be just that!"
Installation and implementation were done in just one day, and the continued roll-out to users has been effortless.