Monday, March 12, 2012

HOW TO INTRODUCE STRONG PASSWORDS: THREE SIMPLE STEPS

More and more organizations and IT departments need to introduce password complexity. Implementing strong passwords that have to change regularly is not easy, and can get a lot of resistance from the end users, or generate unnecessary helpdesk calls. Here are three simple tools to help you introduce complex passwords in your organization:

1. Password Self-Service:
To reduce the number of password-related helpdesk calls, make users autonomous in managing and recovering their passwords.

Results: fewer password reset calls, 24x7 service, increased security (helpdesk identification)

SSRPM (Self-Service Reset Password Manager) by Tools4ever is a good tool allowing for password resets through security questions or strong SMS authentication.

2. Reduce the number of Passwords that users have:
Naturally, the more passwords users have to manage, the more they will resist strong password policies. Introduce a tool that reduces the number of passwords.

Results: decreased number of passwords = user comfort

With Single Sign-On tools like Tools4ever’s E-SSOM (Single Sign-On Manager) it is possible to reduce the number of logins and password combinations to just one, and eliminate about 3 to 5 password logon combinations per day.

3. Help users create strong passwords through a password creation wizard:
So that users do not get frustrated when creating their new strong password, they may need some assistance. A simple Windows-integrated tool can assist users while they create their password, showing the complexity rules and flagging each requirement as it is fulfilled.

Results: Users can create strong passwords instantly without getting unclear Windows error messages.

A tool that assists users in creating strong passwords according to the company’s own rules is PCM (Password Complexity Manager). It is extremely user friendly and integrates seamlessly into the user environment.

If you have more questions on introducing complex passwords don’t hesitate to contact us.


Friday, March 9, 2012

ACCESS MANAGEMENT AND SOX COMPLIANCY/AUDIT

When talking with IT management on Identity and Access Management issues, we regularly meet companies that have to be compliant with SOX regulations. This usually has a big impact on the organization of processes, but also on the IT department, especially concerning the management of access rights. Three of the most common issues are:

Workflow and validations on access rights:
Whether it concerns regular Active Directory user accounts, NTFS rights, Active Directory groups, e-mail or application authorizations, all requests and validations have to comply with the SOX regulations. This may mean that, in order to create one user account, the IT department needs the signature of the requester, the validating manager and the IT director.

We have seen companies where this process was managed entirely on paper, and at each SOX audit the IT department would spend weeks digging through the papers with the auditor. An automated workflow system such as UMRA (User Management Resource Administrator) can automate these validation steps and make the SOX audit a piece of cake for the IT department.
Instead of papers getting lost in the process and people waiting for their access rights, UMRA will automatically alert the right validators, who with a simple action can validate a request before it is sent automatically to the next validator or to IT for granting.

Traceability:
Naturally all requests for access and granting of access should be traceable in the identity and access management solution. This is a standard feature of the Tools4ever Identity and Access Management suite.

Segregation of Duty:
This aspect of SOX compliancy requires that certain tasks cannot be performed by one and the same person. For example, an order may be placed by person X, but it should be validated by person Y. This has consequences for access management: access to certain data, or access rights within an application, must be tightly controlled.

In terms of access management and authorization management, this means that the access management system must block or alert whenever two such authorizations are being granted to one and the same user. This is easy to realize with the reporting and provisioning mechanisms in the Tools4ever identity and access management solutions. We only have to know which authorizations cannot be combined, and then the solution will manage and audit the requirement automatically.
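The block-or-alert rule described above can be sketched as follows. This is an added example, not Tools4ever code: the authorization names, the conflict pairs and the group nesting are constructed for illustration, and the check expands nested grants first so that a conflict hidden inside a group is still caught.

```python
# Constructed conflict matrix: pairs of authorizations that one user
# must never hold together (hypothetical names).
CONFLICTS = {
    frozenset({"PO_CREATE", "PO_APPROVE"}),
    frozenset({"VENDOR_MAINTAIN", "PAYMENT_RELEASE"}),
}

# Constructed nesting: granting the key also confers the listed rights,
# as with nested directory groups.
IMPLIES = {
    "FINANCE_ADMIN": {"PAYMENT_RELEASE", "PO_APPROVE"},
    "PROCUREMENT": {"PO_CREATE"},
}

def effective(grants):
    """Expand direct grants into everything they confer, transitively."""
    seen, stack = set(), list(grants)
    while stack:
        g = stack.pop()
        if g not in seen:
            seen.add(g)
            stack.extend(IMPLIES.get(g, ()))
    return seen

def violations(grants):
    """Sorted list of conflicting pairs inside one user's effective rights."""
    eff = effective(grants)
    return sorted(tuple(sorted(pair)) for pair in CONFLICTS if pair <= eff)

def request_grant(assignments, user, authorization, audit_log):
    """Provisioning-time check: block a grant that introduces a new conflict."""
    current = assignments.setdefault(user, set())
    before = violations(current)
    new = [v for v in violations(current | {authorization}) if v not in before]
    decision = "BLOCKED" if new else "GRANTED"
    if not new:
        current.add(authorization)
    # Every decision is recorded, granted or not, for traceability.
    audit_log.append((user, authorization, decision, new))
    return decision

def audit(assignments):
    """Reporting-time check: users who already hold conflicting rights."""
    return {u: v for u, g in assignments.items() if (v := violations(g))}
```

`request_grant` covers the provisioning path, while `audit` covers assignments that predate the rule or were made outside the workflow.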

Feel free to contact your Tools4ever office if you have any questions about SOX compliancy and Access Management workflows.