Complex passwords: Their intention is to ensure organizational security, but they often cause more of a headache than they are worth, and the issues that usually arise from having to manage them can prove more problematic than beneficial. Security, of course, is the name of the game here, and organizations that put such a strategy in place are usually better off for doing so. However, given the complexities of such protocols – the rules associated with complex passwords, such as changing them monthly, for example -- often cause many headaches for end users, the helpdesk, IT departments and the organization overall.
The issues involved in employing a complex password strategy are many. The following are just some of the issues enterprise IT leaders often experience because of them:
Extended Log In Times
When employees need to log in to each system or application separately, and enter a different set of usernames and passwords, the process becomes time consuming and cumbersome. This can be especially annoying for those who utilize multiple computers and workstations. Each time they need access their systems, they are likely required to log in into a different computer and each application again, separately. This can be a major drag on efficiency and productivity.
Community Bank and Trust of Florida is an example of an organization facing these issues. The bank uses hundreds of different systems and applications to assist its customers, and because of this, employees frequently had to remember credentials for many of them. This proved difficult since most of the organization’s passwords were complex and expired often, which led employees to frequently forget their passwords. With a focus on quality customer service, the password issues caused a major issue with efficiently assisting customers.
Customer Service Issues
Not only is logging into each system and application separately an annoyance for the employee, it also can be a huge service obstacle for customers when an employee must load and re-load their access rights for the various systems they need to access when addressing client-facing service requests. Add to this any problems, such as getting locked out, and the issue is only exacerbated. If customers are affected by such issues, it’s a negative. If customers must wait longer than they need to because of poor IT protocols, they may leave and never return.
Needham Bank in Massachusetts faced this challenge. Employees at the bank were frustrated by the number of credentials they were required to remember and by the amount of time it took to reset their passwords. It also frustrated employees when they had to halt what they were doing and contact the help desk to reset their password when locked out.
Decreased Security
People tend to take the easiest action to complete tasks in the timeliest manner. With passwords, this means they usually write them down. Obviously, this is a self-defeating action when security is the ultimate goal. Simply put, doing so leaves the organization’s network at risk for hack or attack.
Waiting in Queue for a Password Reset
Help desk, help desk, help desk: Calls to the help desk because of users forgetting their complex passwords is an issue no one should face and yet currently takes most of the help desk’s time to manage. In fact, it’s estimated that password resets are one of the most common reasons for calls to the help desk, and that 40 to 50 percent of all calls to the department are because they need passwords reset.
When users need to reset their passwords because of forgetting one of the many they need to remember, they’ll likely need to go through the process of contacting the help desk. While this process isn’t very difficult, it is non-productive for employees to sit on the phone waiting in the queue when they have a list of things needing to be completed for the day. This leads to the next issue.
Large Number of Calls to the Help Desk
For even the smallest organizations, voluminous calls to the help desk is a major problem since the department has to then deal with the issue.
Certain password solutions can be helpful with these issues. More organizations are beginning to realize the benefits of single sign-on and self-service password reset solutions, allowing them to solve these issues while still ensuring security.
SSO allows users to log in with one set of credentials and thereafter automatically gain access to all other applications and systems for which they are authorized. This helps improve log in times since users only need to enter credentials one time, instead of for each application. The solutions also drastically reduce the chances that users will write down their credentials since they do not have several to remember.
Also, two-factor authentication can be added ensure additional security of information and systems. Instead of entering a username and password, two-factor authentication requires users to log in by presenting a smart card to a reader and entering a PIN code. Combining a smart card and a PIN ensures strong authentication since it is based on two forms of identification.
Finally, self-service password reset solutions allow users the ability to reset their passwords themselves after correctly answering security questions that they previously provided answers to. This allows users to proactively solve their own password issues without having to contact the help desk. In turn, this drastically reduces password reset calls, and allows employees to be more productive.
Password solutions such as these allow organizations to ensure security while also allowing their employees to be more productive, can improve customer service and can drastically reduce the calls to often overwhelmed help desks.
For more information, please visit our website: www.tools4ever.com
Thursday, October 2, 2014
Subscribe to:
Posts (Atom)