In today’s technology filled world, the proliferation of user credentials, such as user names and passwords, has grown exponentially. As such, requirements for managing employee access requirements continue to evolve at an unprecedented pace.
As new solutions are put in place to protect a company’s data, the average employee is forced to remember more and more password and login combinations. For example, the typical employee must remember six sets of user credentials. At the same time, top executives within a firm may need to remember as many as 12 or more password and login credentials.
In many cases, the jumble of logins and access passwords becomes a bit of a mess for employees and the company to manage, not to mention the costs associated with loss of employee productivity and work time. The time spent digging for passwords might be considered inconsequential, but the opposite is often true.
According to analyst firms Gartner and IDC, each have reported that password-related calls from employees occupy between 25 percent and 40 percent of all inquiries to the helpdesk. As staggering as the amount of time spent manually resetting and managing employee accounts is, it may pale in comparison with how much the average cost of each call to the helpdesk, which typically ranges between $10 and $31 a piece.
On top of this, an employee that’s lost access to internal systems and programs typically loses 20 minutes of productive work time for each call placed to the helpdesk.
And the costs don’t stop there. Though more difficult to figure, there are risks associated with users, who are desperate to avoid the call to the helpdesk, when they write down credentials on pieces of paper and stick them to monitors or store them underneath keyboards, for example. Doing so creates a great deal of risk and exposes confidential company information to the outside world.
Mitigate the Risk
Technologies exist from numerous vendors to significantly reduce the costs and risks associated with password management issues. Effective password reset applications have been around and utilized for several years. The best example of this can be found on a bank or financial institution’s website. For locked accounts, users must answer a series of challenge questions to gain access to their requested information.
For business looking to emulate these examples and do away with manual-, time- and cash-consuming processes, once the system is implemented with the self-service password reset tool, employees and end users enroll in it and going forward, if they ever lose their passwords they can simply reset them on their own whenever they need without assistance from the IT staff or helpdesk.
Strengthening the Security of Self-Service Resets
There will forever be fear from some individuals who believe that by allowing a single sign on self-service password reset function, they are making it much easier for the security of their systems to be compromised. As you might image, there are simple solutions to addresses these concerns, too.
The best example may be two-factor authentication. Two-factor authentication can be accomplished by a user providing a one-time PIN code via SMS or an alternate email address. These password self-service applications typically eliminate up to 95 percent of password-related calls to the helpdesk.
Two factor-authentication can also be used to reduce password-related issues is single sign on applications. These products reduce the number of credentials required to access accounts and information from the previously mentioned log in credentials (ranging from six to 12) to one.
Perhaps the best case for this comes from a recent study by the Ponemon Institute, which found that employees spend on average nine-and-a-half minutes each day logging into the applications needed to perform their jobs.
Another recent survey by Tools4ever revealed that respondents overwhelmingly (67 percent of the sample) stated they spend too much time logging in and out of applications to access information, while 85 percent of respondents agreed that efficiencies would be created by using only one set of credentials.
The most common benefit of two-factor authentication is the reduction of the credentials being written down and stored on or near the desktop by employees, as previously mentioned. Another feature of two-factor authentication is pairing it with biometrics or scan cards in conjunction with credentials and or a PIN code, which further increases the network security.
Also, as many applications require a password change because of time passage (for example, every three months users must update their passwords), an single sign on solution can anonymously reset the password so an end user is never even aware of their password. This reduces the chance of a terminated employee gaining access to sensitive systems from home if their account is not revoked in a timely fashion.
In addition, as password management solutions mature with the market, prices of the solutions have continued to drop and the expediency with which an implementation can be executed is getting significantly shorter.
Self-service password reset solutions can be deployed in one or two days and provide an ROI in as little as one month. SSO solutions typically are deployed across one or two weeks and provide and ROI in as little as three months or less. ROIs of these solutions are typically based on hard dollar savings only and do not take into account soft dollar savings associated with the increase of security or decrease in associated risks of leaving sensitive systems potentially exposed, which is where the real long-term gains are made for those that implement the systems.
For more information, please visit our website - www.tools4ever.com
Friday, February 14, 2014
Friday, February 7, 2014
Why Implementing a BYOD Solution and IAM Solution Go Hand in Hand
Implementing a bring-your-own-device (BYOD) strategy can be an extremely beneficial undertaking but if implemented on its own, it can also create several problems. For example, many security issues can arise, as well as a great deal of time spent by the IT department setting up and monitoring all the new devices.
This alone is why it’s necessary that a mobile identity and access management (IAM) solution be implemented in conjunction with BYOD. Such a solution allows companies to receive the full benefit of BYOD without having to deal with the many issues that come along with it.
Here are some reasons why BYOD and mobile IAM go hand in hand and should be implemented together.
Cost Savings
One of the main reasons that companies implement BYOD is to lower their costs associated with purchasing a large number of computers or tablets. Though BYOD may lower costs of technology, if not implemented correctly, the strategy can result in higher costs in areas such as the time and support from the IT department. Without an IAM solution in place, IT employees will first have to deal with the large influx of new devices being used with their network. This can be extremely time consuming, since it has to be done manually, and each device needs to be added.
With an IAM solution in place, IT employees can easily add new devices by simply listing them in Active Directory. If desired, they can also allow end users to register the devices themselves. End users simply fill out a web form that is set up for a work flow request, which then will be automatically sent to the appropriate manager or department for approval. This completely removes IT’s need for intervention.
After implementation, an IAM solution will continue to enhance BYOD and ensure low cost and less attention from IT. IAM also allows IT administrators to easily add, make changes or disable users who are using mobile devices from one place, rather than requiring them to make changes in each system or application.
Securing the company’s infrastructure
Though BYOD means employees are using their own devices instead of company provided technology, employees still need access to the company’s network, systems and applications. This can become an issue when employees leave the company, since they keep their devices, possibly allowing them access to company data.
Organizations need to ensure that when employees leave, they no longer have access to the company’s network and data. Though the solution seems simple – disable users from the system and applications to which they have access – this often, more times than not, goes unnoticed and users remains active with access to all systems as if they were employees of the organization.
The reason for this is that IT must be notified of the employee’s leave, then must manually disable the user from all systems and applications. If an IAM solution is implemented once an employee leaves, a manager can automatically disable the user and deactivate account access, ensuring the security of the company’s data.
Easily control devices registered
One of the most important things companies can do to ensure a successful BYOD implementation is to be in control of BYOD and set rules and criteria that require employees to use their own devices from the beginning. Though this makes sense in theory, it is often difficult to do since companies often need to control and monitor hundreds or thousands of employees. This is why organizations need a solution that monitors the devices registered for them.
There are many different types and brands of devices with various different operating systems. Once an organization decides which they are going to support, this can be set up in their mobile IAM solution. When a user tries to register a device, only those that the company supports will be able to be registered with the organization.
Overall, BYOD and an IAM solutions work together, providing an organization with an optimal solution for a mobile workforce. Many of the issues commonly associated with BYOD can be easily eliminated, allowing the company to reap the best of the program’s benefits.
For more information , please visit our website.
This alone is why it’s necessary that a mobile identity and access management (IAM) solution be implemented in conjunction with BYOD. Such a solution allows companies to receive the full benefit of BYOD without having to deal with the many issues that come along with it.
Here are some reasons why BYOD and mobile IAM go hand in hand and should be implemented together.
Cost Savings
One of the main reasons that companies implement BYOD is to lower their costs associated with purchasing a large number of computers or tablets. Though BYOD may lower costs of technology, if not implemented correctly, the strategy can result in higher costs in areas such as the time and support from the IT department. Without an IAM solution in place, IT employees will first have to deal with the large influx of new devices being used with their network. This can be extremely time consuming, since it has to be done manually, and each device needs to be added.
With an IAM solution in place, IT employees can easily add new devices by simply listing them in Active Directory. If desired, they can also allow end users to register the devices themselves. End users simply fill out a web form that is set up for a work flow request, which then will be automatically sent to the appropriate manager or department for approval. This completely removes IT’s need for intervention.
After implementation, an IAM solution will continue to enhance BYOD and ensure low cost and less attention from IT. IAM also allows IT administrators to easily add, make changes or disable users who are using mobile devices from one place, rather than requiring them to make changes in each system or application.
Securing the company’s infrastructure
Though BYOD means employees are using their own devices instead of company provided technology, employees still need access to the company’s network, systems and applications. This can become an issue when employees leave the company, since they keep their devices, possibly allowing them access to company data.
Organizations need to ensure that when employees leave, they no longer have access to the company’s network and data. Though the solution seems simple – disable users from the system and applications to which they have access – this often, more times than not, goes unnoticed and users remains active with access to all systems as if they were employees of the organization.
The reason for this is that IT must be notified of the employee’s leave, then must manually disable the user from all systems and applications. If an IAM solution is implemented once an employee leaves, a manager can automatically disable the user and deactivate account access, ensuring the security of the company’s data.
Easily control devices registered
One of the most important things companies can do to ensure a successful BYOD implementation is to be in control of BYOD and set rules and criteria that require employees to use their own devices from the beginning. Though this makes sense in theory, it is often difficult to do since companies often need to control and monitor hundreds or thousands of employees. This is why organizations need a solution that monitors the devices registered for them.
There are many different types and brands of devices with various different operating systems. Once an organization decides which they are going to support, this can be set up in their mobile IAM solution. When a user tries to register a device, only those that the company supports will be able to be registered with the organization.
Overall, BYOD and an IAM solutions work together, providing an organization with an optimal solution for a mobile workforce. Many of the issues commonly associated with BYOD can be easily eliminated, allowing the company to reap the best of the program’s benefits.
For more information , please visit our website.
Subscribe to:
Posts (Atom)