According to a number of recent studies, calls to the help desk for password reset assistance make up 10 to 30% of the total call volume. Further research asserts that the costs associated with each call range from $51 to $147 in labor costs, not to mention loss of productivity while the employee attempts to login, gives up, waits in the help desk queue and, eventually resets the password. One further complication, the average employee is required to maintain 8 unique combination of user ID’s and passwords, usually with varying complexity and expiration rules.
So, how can the typical organization reduce the costs associated with password management and maintain the highest level of security? The answer lies in the Password Management solutions form Tools4ever and includes Self Service Password Reset Manager (SSRPM) and Enterprise –Single Sign On Manager (E-SSOM).
The first application, SSRPM, is an enrollment based application that allows users to register by answering a series of challenge questions – much like they would do for an on-line banking site. Once enrolled, they can reset their own password directly from the Windows login screen by clicking on a “Forgot My Password” link. Alternate methods of service can be found from either a website or via Outlook Web Access integration. To insure high adoption rates, such organizations elect to pre-enroll employees by pulling personal information form the HR system. This software is extremely secure and is in use by organizations ranging from25 to 350,000 employees worldwide.
The second application, E-SSOM, reduces the number of user name password combinations form the average of 8, to exactly one – the AD credentials. By securely capturing and storing a user’s credentials for all applications they are authorized to access, E-SSOM eliminates the need for a user to right passwords on a sticky note or attempt to remember them. E-SSOM can automatically handle password changes at required time intervals and allow user to delegate credentials to a specific app for a period of time – such as a vacation.
When both SSRPM and E-SSOM are used in combination, the number of calls to the help desk drops to nearly zero. The result is a tremendous savings of time, money and an overall increase in security.
For more information on the complete Tools4ever Identity and Access Management suite, please visit our website.
Wednesday, April 27, 2011
Tuesday, April 26, 2011
School Districts save time and resources by embracing network automation
I have been getting more questions about streamlining IT department operations and finding ways to be more efficient with fewer resources. We have many implementations across the country for automated network account provisioning by synchronizing authoritative data sources to different directory services. Utilizing Tools4ever’s User Management Resource Administrator (UMRA), our consultants bridge the gap between student information systems like Skyward and Active Directory.
School districts often struggle to create and manage user accounts in a timely manner due to lack of resources, data integrity or out-dated scripts. Additionally, when districts rely on third party scripts, they become vulnerable when the author of those scripts departs the district. Suddenly the scripts are unsupported and when the infrastructure changes the scripts break leaving the district in a bind.
UMRA protects the integrity of the district network data by providing easily supported projects files rather than scripts or code. UMRA’s enhanced development environment allows for rapid deployment of identity management systems at a very competitive price point. As school districts look for additional ways to save money they tend to stop hiring and incorporate more automated processes.
Benefits of UMRA for Education:
•Manual IT procedures are automated via student information system connectors;
•Connecting the student information system with various teaching applications, such as Destiny, library system, access system, Live@edu, Google Apps, etc. ;
•User account uniformity;
•Reduced input time by system and application managers through the automated of tasks;
•100 percent logging of all activities in the domain;
•Enhanced data integrity: the domain is always fully up-to-date and pollution free;
•Complete implementation within a few days for immediate ROI.
Common UMRA Connected Student Information Systems
•Banner
•Infinite Campus
•PowerSchool
•Aeries
•Jenzabar
•Pentamation
•DataTel
•Campus Management
•Teams
To learn more about UMRA please visit our website,. To read about how one school district implemented UMRA read our Lewisville Independent School District case study.
School districts often struggle to create and manage user accounts in a timely manner due to lack of resources, data integrity or out-dated scripts. Additionally, when districts rely on third party scripts, they become vulnerable when the author of those scripts departs the district. Suddenly the scripts are unsupported and when the infrastructure changes the scripts break leaving the district in a bind.
UMRA protects the integrity of the district network data by providing easily supported projects files rather than scripts or code. UMRA’s enhanced development environment allows for rapid deployment of identity management systems at a very competitive price point. As school districts look for additional ways to save money they tend to stop hiring and incorporate more automated processes.
Benefits of UMRA for Education:
•Manual IT procedures are automated via student information system connectors;
•Connecting the student information system with various teaching applications, such as Destiny, library system, access system, Live@edu, Google Apps, etc. ;
•User account uniformity;
•Reduced input time by system and application managers through the automated of tasks;
•100 percent logging of all activities in the domain;
•Enhanced data integrity: the domain is always fully up-to-date and pollution free;
•Complete implementation within a few days for immediate ROI.
Common UMRA Connected Student Information Systems
•Banner
•Infinite Campus
•PowerSchool
•Aeries
•Jenzabar
•Pentamation
•DataTel
•Campus Management
•Teams
To learn more about UMRA please visit our website,. To read about how one school district implemented UMRA read our Lewisville Independent School District case study.
Friday, April 1, 2011
Identity and Password Management in Healthcare
As of late, Tools4ever has been implementing more solutions on the healthcare market and I wanted to take a look at our clients and ascertain if there are common issues that this market sector needs to address. Not surprisingly, there were a number of common themes in these accounts.
Shared User Accounts
One of the top reasons for implementing Identity Management in healthcare is the need to eliminate the “shared” accounts. Quite frequently, all the nurses on a floor will have one or more shared computers. Everyone utilizes the machine utilizing a common, generic account. The issue becomes security and privacy. It is impossible to restrict access or determine who is doing what and when.
Identity management solves this issue typically by linking an HR application to the Active Directory and creating individual logon accounts. Fast user switching, available in Vista and 7 makes this a quick process for busy healthcare professionals. Further, the Tools4ever Single Sign On product allows for credentials of users to be provided automatically fro authorized applications when utilizing fast user switching.
Downstream Provisioning
Active Directory and email systems are just one of the many applications that require user accounts. Pharmacy, medical records, radiology and IP phone systems are just the surface of what users need to have access accounts set-up and managed. By setting simple templates based on department and titles, it is possible to configure accounts in a majority of the applications and assign appropriate group and distribution lists as well. In more complex environments, the use of web-based workflow utilizing single or multi-level approval can be the first step in completing and advance Role Based Active Control (RBAC) matrix.
Stale Accounts
By far one of the most common issues, and the one with the most potential for security breaches, is the potential for stale accounts – accounts still active when an employee, consultant or temporary employee leaves. Tools4ever provides several of options for dealing with this issue. The first is to detect a terminate date or flag in the HR system during a daily synch and immediately disable the account. Another option is to scan the Active directory daily for unused accounts. IF an account has not been used in for example, 60 days, automatically send an email to the user’s manager notifying that the account will be disabled the next day if no action is taken. Finally, by implementing a strict policy of requiring a “disable on” date when creating accounts for consultants or temporary employees, automated email notification can take place warning of the impeding disable at 5 ,3 and day prior, allows time for an extension to be entered.
For further information please visit our website Tools4ever, Inc., or Click Here to download a health care case study or brochure.
Shared User Accounts
One of the top reasons for implementing Identity Management in healthcare is the need to eliminate the “shared” accounts. Quite frequently, all the nurses on a floor will have one or more shared computers. Everyone utilizes the machine utilizing a common, generic account. The issue becomes security and privacy. It is impossible to restrict access or determine who is doing what and when.
Identity management solves this issue typically by linking an HR application to the Active Directory and creating individual logon accounts. Fast user switching, available in Vista and 7 makes this a quick process for busy healthcare professionals. Further, the Tools4ever Single Sign On product allows for credentials of users to be provided automatically fro authorized applications when utilizing fast user switching.
Downstream Provisioning
Active Directory and email systems are just one of the many applications that require user accounts. Pharmacy, medical records, radiology and IP phone systems are just the surface of what users need to have access accounts set-up and managed. By setting simple templates based on department and titles, it is possible to configure accounts in a majority of the applications and assign appropriate group and distribution lists as well. In more complex environments, the use of web-based workflow utilizing single or multi-level approval can be the first step in completing and advance Role Based Active Control (RBAC) matrix.
Stale Accounts
By far one of the most common issues, and the one with the most potential for security breaches, is the potential for stale accounts – accounts still active when an employee, consultant or temporary employee leaves. Tools4ever provides several of options for dealing with this issue. The first is to detect a terminate date or flag in the HR system during a daily synch and immediately disable the account. Another option is to scan the Active directory daily for unused accounts. IF an account has not been used in for example, 60 days, automatically send an email to the user’s manager notifying that the account will be disabled the next day if no action is taken. Finally, by implementing a strict policy of requiring a “disable on” date when creating accounts for consultants or temporary employees, automated email notification can take place warning of the impeding disable at 5 ,3 and day prior, allows time for an extension to be entered.
For further information please visit our website Tools4ever, Inc., or Click Here to download a health care case study or brochure.
Subscribe to:
Posts (Atom)