Small business and IT problems

The IT industry seems to overlook the needs of the small business sector, instead focusing mainly on mid-sized and large organizations since they are often the ones that face the greatest number of issues with licensing, accounts and identity and access management rights, for example. Those leading the efforts of small businesses realize that they often have many of the same issues faced by larger organizations, but unlike large organizations, small businesses often do not have the staff and resources readily available to easily handle management of these tasks. Thus, these issues either go unaddressed or require more time and money spent on managing them than is necessary.

Similar Password Issues

One of main issues large and small businesses have in common are password management for their employees. Smaller organizations, just like larger corporations, have to access many systems and applications to perform their jobs. For example, think of a credit union. Employees there need to access several different financial systems to assist their customers. Entering credentials for each of these systems is time consuming, not to mention very difficult to remember. Hence, the reason why many employees tend to write down user credentials and keep them close at hand.

Additionally, just like employees in larger organizations, they often get locked out of their accounts and need to frequently reset their passwords. Often this is time consuming since they need to contact someone to do it for them. When a customer has to wait for an employee to reset their password this can be a huge annoyance and decrease customer satisfaction. 

To make these password issues even more difficult, small businesses often need to do more with less. In most case, the small businesses that I consulted and worked with don’t have an extensive budget to fix IT infrastructure or implement large, enterprise solutions to manage their processes. Instead, they need to find ways to be more efficient without breaking the bank; sometimes small business owners Frankenstein systems for the results they seek. This can often be difficult, though, since many password solutions are aimed at big business, and the thousands of employees that they have.

Additionally, small businesses compared to larger organizations often have very small IT or no departments. Sometimes only one or two people; sometime just themselves throw into everything else they must manage in their business’ daily lives. When an employee forgets their password or is locked out of an application they need to go through the process of resetting their passwords. If there is a help desk or IT department, having them focus on password resets can take away valuable time to focus on other issues. Even worse, if this issue occurs after business hours there may be no one to resolve the issue.

Case in point

Needham Bank in Needham, Massachusetts, is a private bank with fewer than 170 employees. Team members there need access to several different systems and applications to properly assist customers.

“Employees became frustrated at the number of disparate passwords they had, and the frequency they would have to enter the user names and passwords,” said James Gordon, vice president of information technology at the Bank.

It was also frustrating when employees had to stop what they were doing to contact the help desk and reset their password when they were locked out. Customers also became frustrated, as they had to wait for bank employees to sign into each application separately, which was time consuming.

To resolve its issues, Needham Bank implemented both a single sign-on solution (SSO) and a self-service password reset solution. SSO allows the organization to use a single set of credentials for all systems and applications needed to access and to help customers. The password reset solution allows employees to reset their own password without having to contact the help desk. Team members simply answer several security questions, which they previously provided answers for during initial enrollment, and are able to securely reset their own password.

Solutions such as these can assist small businesses with their access and identity management issues without them needing to spend big dollars on large, enterprise solutions that were not designed for them. Password management alone can have a huge effect on business for both large and small companies, which is why it is important to resolve the issues in the most appropriate way for the size of the organization.

For more information, please visit our website: www.tools4ever.com 

Self-Service Reset Password Solutions: Issues Addressed and Problems Solved

You're thinking about implementing a self-service reset password solution, but you are not quite sure if it is worth it or if it will benefit your organization. The following checklist provides an easy overview of issues you might face, as well as provides solutions to how a password reset solution can easily solve these issues in addition to saving you time and money. 

First, take a look at the following checklist. Following that we'll dig into some of the specific issues organizations face and how self-service reset password solutions address these problems. First, though, does your organization face many or all of these issues? 

• Large percent of calls to your help desk is for password resets
• Employees working off hours or in different time zones
• Employees wasting time/productivity waiting for a password reset from the help desk
• Your employees work with customers or patients, and their work is time sensitive
• Password resets that need to be performed in many different systems and applications
• Many of your employees work outside of the network and still need password resets
• Your organization requires complex passwords, which many of your employees forget

If you have a number of these issues, you may be overwhelmed by the level of responsibility required for managing your manual processes; specifically, related to the management of resetting and serving access to employee's systems.

That said, here are a number of issues your peers may be facing because they are not effectively addressing self-service access issues: 

Your Helpdesk Receives Too Many Password Calls

On average, 25 percent of the calls to a help desk are estimated to be password related, like resetting employees' forgotten passwords. At some organizations this number is even higher, of course. Though password resets are an easy problem for the help desk to solve, when there are many of these types of calls a day, this becomes time consuming for staff. This also may require additional staff for an organization that has many employees resetting passwords. If your organization's help desk calls are a large percent for password resets, a self-service password reset solution can easily and drastically reduce the amount of calls by up to 90 percent. This allows help desk staff to focus on other, more important, issues. In some cases, these solutions also decreases the amount of staff needed. 

Multiple Locations or Working in Different Time Zones

Some large or multi-located organizations have offices or employees across several regions, and many times their help desks are located only at their headquarters. Other companies have employees or users who need access to systems and applications outside the operational hours of the help desk. Take, for example, a school whose students need to access an application after school hours to complete their homework. If they need to reset their password after school then they are unable to contact the help desk. 

This can also be a problem for other types of organizations, such as banks or hospitals, which might not have a 24/7 help desk staff. If employees forget their passwords or are locked out of their accounts on weekends or after the hours of the help desk then they are not able to reset their passwords and access the systems or applications that they need. 

Time Spent on Waiting for a Password Reset

In many organizations the process of resetting a password is time consuming. The employee has to contact the help desk, who then places a work order, resets the password then contacts the users back. This process can take up to half an hour or more, during which the employee cannot complete their work. With a self-service reset password solution employees can be more productive and not waste time on simple issues like password resets. They can proactively reset their own password and continue with their work. 

Your Employees Work with Customers or Patients on Time-sensitive Issues

In many circumstances, it is important that your employees are able to log in quickly and access their accounts to properly serve their customers. When a customer has to wait for your employee to call the help desk and reset their password it can be an annoyance and a bad customer experience. This is extremely important in the case of care organizations where they need to quickly access systems and applications to serve their patients. In addition, other industries such as those with direct client contact, for example a bank, waiting for a password to be reset can be a huge annoyance for both the employee and customer. 

Password Resets Need to be Performed in Many Different Kinds of Systems and Applications

Organizations often use several different types of platforms, including often a variety of web applications. Employees often need to reset their passwords in many different types of applications, sometimes all at once, especially after a long break, such as summer break for schools. With a self-service password reset solution end users can reset as many passwords they need, in virtually any application or platform without having to burden the help desk. 

Many of Your Employees Work Outside of the Network and Still Need Password Resets

Many organizations have employees who work outside of the company's network, on the road or from a remote location or from home and use mobile devices. These employees often have the same issues as employees who work in the office with password resets. With a self-service password reset solution, employees can reset their password from anywhere and continue with their work. 

Your Organization Requires Complex Passwords that Many of Your Employees Forget

To ensure security of the network, organizations often require employees to use complex passwords, including using symbols and a certain number of characters. Though this can increase security, it can also lead them to forget and need to reset their password. A password reset solution can ensure that employees follow a certain password policy that follows the organizations guidelines, when they are resetting their password. 

In addition to the many issues that a self-service solution solves, there also are several additional benefits: 

Advanced Authentication
Advanced authentication in the form of two-factor authentication or SMS authentication can ensure security by requiring two forms of authentication for the user to reset their password. This will usually be an answer to a personal verification question in addition to a code sent via text message or email. This ensures that the person resetting the password is who they claim to be. 

Password resets for mobile devices
Since employees often use mobile devices, many password reset solutions have the ability to work with a web interface. This means that users who are on their cell phone or any other mobile device can also enjoy the benefits of the self-service password reset solution. 

For more information, please visit our website at: https://www.tools4ever.com/software/self-service-reset-password-management/

Health IT Savings Must Factor into ROI

No matter the industry, each time a purchase is made, business leaders always want to know what they are getting in return for their financial investment. Questions frequently asked include: “How is this going to help me?” and “What is my return on investment?” Another phrase, often uttered by “Mr. Wonderful” Kevin O’Leary from the popular show Shark Tank is, “What am I getting for my investment?”

By examining the answers to these questions, business managers and organizational leaders must ensure that their budget is being adhered to and that purchases by the organization are considered, or proven, not to be a “waste” of money.” Often, return on investment (ROI) is a combination of both “hard” and “soft” costs and savings, which can often be difficult to determine. The “hard” cost is easy to define: What am I spending now versus what will I be spending on a different product, solution or system, or by doing nothing? Alternately, how is this solution going to allow me to save money in the long run? In this scenario – “hard” costs and savings — there is a definitive dollar figure that is able to be applied to implementing a solution.

“Soft” savings are a bit more of a complex issue; they are more difficult to determine and to document. For example, time and labor saved, or stress saved by employees completing a task that takes 10 minutes versus 35 minutes are soft savings. Soft savings also might be seen in improvements in customer service or in the customer experience. It is difficult to put a dollar amount on these scenarios and improvements, but they do impact a business, its success and its financial performance.

Time is money, of course, but in the case of healthcare perhaps it’s more fitting to say that “time is life.” This savings equates to valuable potential life-saving time, as we well know, and, in turn, improves patient care. As healthcare organizations seek ways to allow clinicians the ability to focus more on patients rather than on information technology, there are some solutions available — many that that are often overlooked that allow them to reach their goals. Some of these technology solutions provide a direct correlation between a physician’s ability to enter an information system, retrieve or enter information and get back to focusing on patient care. Essentially, with these types of solutions, like access and identity management, physicians can get back to work more quickly and their interaction with the technology is reduced.

Because of proven soft savings, most health executives are able to justify some expenses related to hard dollar investment for these types of solutions. For example, access management solutions allow IT leaders the ability to automate account management processes – accessing system information, resetting passwords and ensuring proper access to proper individuals — rather than requiring hospital system admin employees to provision, delete and manage employee’s accounts. Thus, these employees can focus on more important issues and devote time to higher priorities.

In healthcare specifically, identity and access management software plays a key role in optimizing “hard” costs. They reduce costs by automating the user account lifecycle, allowing accounts to be quickly provisioned for clinicians or account changes to easily be made so that they have access to what they need, when they need it. Other password management solutions, such as single sign-on, further allow clinicians to easily move from room to room without needing to enter separate credentials for each application repeatedly each time they switch computers or workstations.

Therefore, when thinking of making a decision to purchase new IT solutions, healthcare leaders should keep in mind questions like, “How is this going to help me?” and “What is my return on investment?” At the same time, they also need to remember to keep soft dollar savings in mind.

For more information, please visit our website: https://www.tools4ever.com/industries/healthcare/ 

Wild Ways people Remember Passwords

Everyone has done it, used some kind of wild way to remember user names and passwords. Let’s face it, the rules for managing passwords is overwhelming. People are required to remember numerous sets of credentials for all of the systems and applications they need to access their job and personal life, but it’s often too difficult to remember them all.

In addition, passwords often are required to be complex with several different symbols and characters, and they often need to be changed every month or so. Given all of the rules and parameters, how is anyone supposed to keep track, and remember, all of this information on top of all the work they need to complete, PIN codes they need to recall and every other detail that takes up much needed bandwidth?

How do most people remember their passwords? Chances are they keep all of their pass codes in some type of non-secure method to remember them. Given my line of work with clients facing complex password issues, I’ve witnessed many wild ways in which end users use to remember passwords. Frighteningly so, some people even believe that their methods for password “storage” are safe and don’t realize that they are actually putting their organizations at risk.

Though organizational leaders may think that requiring employees to use complex passwords that get changed often is making their network secure, reality is this is often counterintuitive and leads employees to user non-secure methods.

Here are just some of wildest ways I’ve seen people store their passwords:

1. Since employees feel they have to constantly login, many folks keep their credentials in front of them, written on Post-It notes, pasted to their computer screen in plain sight of passersby. That just makes it a lot easier for hackers to gain access to critical information.
2. Some people think that if they hide their passwords, this will keep their information more secure. Many employees, however, actually keep their password sheets in their desk drawer or under their keyboards, falsely assuming no one will just open the drawer or move the keyboard and take a peek.
3. Recently, one of our employees visited the doctor’s office and saw that the receptionist actually had her passwords listed on a recipe card atop the desk next to her monitor in clear view of everyone coming and going. Next to that card were instructions – step by step — for accessing all of her accounts.
4. Some people even use an invention that they believe is helping them keep their passwords safe: A type of notebook that looks like a phone book allowing them to write down their passwords and organize them. Sure, this is good for organization, but what happens when someone finds the notebook and has access to all of the credentials?

Chances are, many employees in virtually every organization use these methods, but these strategies can cause security risks for any organization. Luckily, though, there are easy ways to stop employees from using such non-secure methods.

One way is with a simple single sign-on solution. An SSO allows employees to create a single set of credentials for all of their systems and applications, eliminating the need to write down passwords or use other non-secure methods for storing their information. Employees simply log in with their credentials and thereafter are authenticated in each of their applications automatically after they are launched.

So, while it may be funny to read how employees remember their passwords, it won’t be funny when your organization faces a security breach because of it.

For more information, please visit our website.  

Opening up your Data to Customers and Partners

Where IT previously catered to internal employees needing access to information inside the company network, many organizations now find themselves in the preliminary stages of sharing information from their company networks with external clients. A wholesaler, for example, may offer clients a portal where they can view inventory and order status, their customer details, and outstanding invoices.

Ensuring the safe exchange of information to third parties is a whole other issue, as is the process of letting users authenticate themselves. However, the process is usually simple and easily managed, in most cases, automatically. 

Identity Providers

In addition to providing access to employees, organizations are also becoming identity providers for external customers needing access to business information stored in the company network. External clients, such as a utility provider, who log in to the network, via a portal, must be able to easily authenticate themselves.

Most organizations choose to use their existing Active Directory for this authentication. After all, the Active Directory (AD) is an excellent credential store for employee user accounts.

Since most users also often have considerable AD experience, enabling optimum management and continuity, most organizations also choose to include an AD account for external customers who need to access their network. Organizations often enter into agreements with Microsoft to prevent Client Access License (CAL) fees needing to be paid unnecessarily for infrequently-used AD accounts.

A drawback of adding customers to the internal AD is that the number of accounts increases significantly.

Organizations also often realize that they must have the identity lifecycle for third party accounts fully under control. After all, if any customer can log in via the portal, this could result in potential financial damage. Thus, the organization must ensure that their AD is clean and up-to-date. All of this represents a major management burden for the IT department.

These issues can easily be solved though using an identity management solution enabling real-time user account management for external customers.

The CRM Solution as Source System

Another consequence organizations face when deciding to add third party accounts to the AD is that it involves a source system other than the one utilized for employees.

For them, the HR system is often used to create network user accounts, but customer data comes from a CRM system. More often than not, CRM systems do not contain clean and up-to-date information, making them problematic to use as a source system for user accounts. If organizations want to act as identity provider for external customers, this means they either need to optimize the content of their CRM, or look for another source system.

Organizations can address this problem by not populating the AD until the customers log in to the portal the first-time, enter their details and are granted access after internal validation. By creating a link between the CRM system and the AD, it is then possible to add to the customer details using information from the CRM system.

For more information, please visit our website. 

Hard and Soft Savings Must Factor into ROI, Especially for Health IT Solutions

No matter the industry, each time a purchase is made, business leaders always want to know what they are getting in return for their financial investment. Questions frequently asked include: “How is this going to help me?” and “What is my return on investment?” Another phrase, often uttered by “Mr. Wonderful” Kevin O’Leary from the popular show Shark Tank is, “What am I getting for my investment?”

By examining the answers to these questions, business managers and organizational leaders must ensure that their budget is being adhered to and that purchases by the organization are considered, or proven, not to be a “waste” of money.” Often, return on investment (ROI) is a combination of both “hard” and “soft” costs and savings, which can often be difficult to determine. The “hard” cost is easy to define: What am I spending now versus what will I be spending on a different product, solution or system, or by doing nothing? Alternately, how is this solution going to allow me to save money in the long run? In this scenario – “hard” costs and savings — there is a definitive dollar figure that is able to be applied to implementing a solution.

“Soft” savings are a bit more of a complex issue; they are more difficult to determine and to document. For example, time and labor saved, or stress saved by employees completing a task that takes 10 minutes versus 35 minutes are soft savings. Soft savings also might be seen in improvements in customer service or in the customer experience. It is difficult to put a dollar amount on these scenarios and improvements, but they do impact a business, its success and its financial performance.

Time is money, of course, but in the case of healthcare perhaps it’s more fitting to say that “time is life.” This savings equates to valuable potential life-saving time, as we well know, and, in turn, improves patient care. As healthcare organizations seek ways to allow clinicians the ability to focus more on patients rather than on information technology, there are some solutions available — many that that are often overlooked that allow them to reach their goals. Some of these technology solutions provide a direct correlation between a physician’s ability to enter an information system, retrieve or enter information and get back to focusing on patient care. Essentially, with these types of solutions, like access and identity management, physicians can get back to work more quickly and their interaction with the technology is reduced.

Because of proven soft savings, most health executives are able to justify some expenses related to hard dollar investment for these types of solutions. For example, access management solutions allow IT leaders the ability to automate account management processes – accessing system information, resetting passwords and ensuring proper access to proper individuals — rather than requiring hospital system admin employees to provision, delete and manage employee’s accounts. Thus, these employees can focus on more important issues and devote time to higher priorities.

In healthcare specifically, identity and access management software plays a key role in optimizing “hard” costs. They reduce costs by automating the user account lifecycle, allowing accounts to be quickly provisioned for clinicians or account changes to easily be made so that they have access to what they need, when they need it. Other password management solutions, such as single sign-on, further allow clinicians to easily move from room to room without needing to enter separate credentials for each application repeatedly each time they switch computers or workstations.

Therefore, when thinking of making a decision to purchase new IT solutions, healthcare leaders should keep in mind questions like, “How is this going to help me?” and “What is my return on investment?” At the same time, they also need to remember to keep soft dollar savings in mind

For more information, please visit our website. 

Marywood University Case Study

Marywood University has implemented Tools4ver’s User Management Resource Administrator (UMRA). Located in Scranton, Penn., with more than 3,200 undergraduate and graduate students, and several hundred staff members, professors and other employees working at the university, the school needed an efficient way to provision user accounts.

With UMRA, the account management process at Marywood University is now fully automated so that no manual action needs to be taken by the IT staff. Once a student’s information is added into the Ellucian student information system, all appropriate accounts are automatically provisioned, a Gmail account is created and a password for the portal is generated.

Before adding Tools4ever’s UMRA, “It was an extremely time consuming, labor intensive challenge to provision portal accounts and corresponding Gmail addresses,” said Anthony Spinillo, chief information officer at Marywood University.

Spinillo added, “Our help desk would field dozens of calls per day because of long turnaround time on provisioning, but with UMRA, these calls dried up. Helpdesk staff now has much more time to help students and faculty with instructional technology issues.”

Marywood University also is planning to implement Tools4ever's Self Service Reset Password Manager (SSRPM) that will allow students and staff the ability to easily and securely reset their own passwords without needing to contact the help desk. Doing so will free up more time for Marywood University’s help desk employees and allow for students to be more productive.

For more information or to read the entire case study, please visit our website.

Tips for optimizing software in your organization: Reducing the total cost of ownership

It is generally accepted amongst security specialists that implementing identity and access management (IAM) software is one of the most effective ways to automate tasks that have traditionally been done manually by IT staff. These solutions enhance security, increases productivity and reduces IT costs. However, how are organizational leaders to know whether they are choosing the most cost-effective solutions for their organizations?

The following are some top tips to reduce the total cost of ownership of your implementations such as these, and possibly others, even further.

Optimize your features check

When comparing software functionality between vendors, it is tempting to choose a solution that has the largest and most varied functionality for what seems like a justifiable cost.

This is a trap many of us fall into as we want to get what we deem is the “most for our money.” However, in many cases, the majority of the features available are surplus to requirements. More often than not, this exhaustive range of functionality will never be used. You have, therefore, entered into a false economy by choosing what you perceived to be the best value for money. This will result in your organization paying for functions that will never be useful to you.

To ensure fast ROI and reduce overall costs, choose a software solution based on its ability to carry out the core functions needed by your organization. Focus on what you fundamentally need the solution to do, and search only for these functions when evaluating vendors. Target solutions that offer a phased approach to installation and can show good levels of connectivity with applications. This way, different functionalities can be added on at a later date when the core processes are in place.

Software offering less exhaustive features is often not only cheaper, but it is also quicker to implement, saving valuable time for the organization. With the core functions taken care of, you can quickly start seeing the benefits in terms of ROI. Most manual tasks will be automated and time can be freed up for skilled staff to be allocated to more network critical issues – speeding up long-term projects and ensuring the network is run smoothly and securely.

As such, senior IT staff will likely be more encouraged as they will likely be more challenged by their work, leading to higher levels of productivity from them.

Using user management software like, Tools4ever’s UMRA has benefited Oxford University Press as this technology has taken over the manual user management task that previously took up a great deal of time for the IT department. For example, to manually modify and update employees entering the organization, leaving the organization or transferring between departments, it would have had to employ someone full time to manage these simple processes. This was neither practical nor economical for Oxford University Press. Now, UMRA takes care of these tasks and the employees allocated to account management to more crucial and engaging tasks.

Reduce professional services costs

When mapping out timelines for your software implementation, there is a tendency to focus on how much the interim procedures put in place whilst the installation is on-going will cost — any extra internal resources that will be required, costs incurred by keeping staff on while the solution is put in place, costs incurred by skilled staff not being able to work on more complex matters, etc.

However, we often neglect to pay attention to the professional services costs. The longer the implementation takes (and usually the more complex the process), the more these costs will mount up. Underestimating the total outlay for professional services can lead to the whole implementation becoming a great deal more costly than originally budgeted.

Dealing with vendors with a more customer-focused ethos is a good way to solve this issue. Companies of this nature are more likely to offer discounts and bundles with their software and professional services costs. Seeking out vendors who use approaches, such as the rapid application development methodology is another way to reduce this outlay. Vendors using this type of approach often strike a better balance between the planning and installing phases of your implementation, meaning they do not spend months and months planning, but try to limit this stage to get your installation underway faster, usually by implementing in a test environment.

Conclusion 

Completely comprehensive implementations that tick every possible box are not only often unnecessary from the outset in terms of functionality and they also take a long time to implement, meaning contingency plans have to be put in place whilst waiting for the complete solution and professional services costs begin to mount up.

A solution that allows for a phased approach — i.e. for core features/functions critical to your business to be implemented within a short space of time and less critical applications and features to be added on at later phases — will help reduce your overall spend as there can be more flexibility with budgets and timings.

For more information, please visit our website. 

Banks and others accounting for BYOD

Banks and credit unions, like many other non-financial organizations, are quickly realizing the benefits of implementing bring your own device (BYOD), primarily because of the many benefits that BYOD provides both the organization and its employees. Of course, a main benefit that financial institutions see from implementing BYOD is lower costs associated with purchasing a large number of computers or tablets. Employees are able to bring and use their own devices and register them with the company’s network.

Most of this kind of technology is current only for a short period of time and then becomes obsolete, in need of replacement or vulnerable to attack because of out of date operating systems and software. By allowing employees to bring and use their own devices in the workplace, they are able to ensure their own technology is up to date without the organization constantly incurring the costs for new devices and upgrades. An additional benefit is that end users are most comfortable with using their own devices—which can translate to more efficient workers—and saves financial institutions from the need to provide any user or system training.

Though BYOD may lower costs of technology and increase productivity (that’s always been the BYOD argument), if not implemented correctly a BYOD program can easily turn into a mess of a headache for information technology, human resources and other departments because of security issues, which result in higher costs and vulnerabilities to organizations and can lead to an increase of internal time and support resources.

When BYOD is first implemented, IT must establish how it will address the influx of new devices being used within the company’s network. Of course, this can be extremely time consuming since each device has to be added to the network manually. This also affects HR since they’ll be in charge of managing the provisioning and user account set up for each of these devices.

If not handled correctly, BYOD can lead to numerous security risks. Since the employee owns the device, once they leave the organization they keep their device, allowing them to potentially continue accessing company data. Companies need to ensure that when an employee leaves they no longer have access to the organization’s network and data, simple as that.

Because of these potential issues, one of the most important success factors often discussed about implementing BYOD is setting rules and criteria for employees using their own devices. By establishing a policy from the beginning, employees will know exactly what is expected from them, alleviating the confusion about what is expected if they participate in the program. This also allows the organization to define any repercussions should employees misuse or take advantage of the use of the BYOD policy, as well as establish guidelines for how IT and HR should handle BYOD devices.

That said the following are the bare minimum criterion that should be placed in any BYOD policy.

Set guidelines for the types of devices allowed
One of the top issues with BYOD is that there are many different types, brands and operating systems for the multitude of devices that have flooded the market. When employees register their device with the company, they then expect the IT department to support it and resolve any issues with it, which can result in a technical nightmare. Each bank, credit union or financial institution needs to determine from the outset which types and brands of devices are going to be supported.

Establish a process for disabling users
Allowing employees to use their own devices can lead to a security risk once the employee is no longer with the company. Organizations need a system in place to ensure that once the employee leaves, their account is automatically disabled. Many credit unions and banks use an automated account management solution that allows managers to easily disable the user from all systems and applications with just one click, ensuring that the network stays secure.

Security for compliance and audit needs
It is important that the organization ensures that BYOD also meets audit and compliance needs. The organization needs a system for recording any actions and keeping access records. Identity and access management solutions can help the organization ensure that its device users only have access to the systems and applications they are supposed to. This information can then also be easily accessed when it comes to audit time.

By properly ensuring the BYOD policy for the organization and end user from the beginning, banks and credit unions can hopefully avoid the many issues that can occur along the way. This allows them to receive the full benefits of implementing BYOD at their organization.

For more information, please visit our website, www.tools4ever.com .

Virtual Desktops: Healthcare’s Next Highly Unsecure Convenience

Virtual desktops have a place, and they can be very useful for a number of environments across a number of sectors. They allow for a variety of users to log in and work from a single computer or work station, allowing the user to interface with his or her systems in a virtualized environment — which is stored on a remote server rather than on a local machine – but these environments separate the physical machine from their software and present an isolated operating system for users.

Therefore, the use of virtual desktops is fairly common in healthcare as hospitals continue to seek solutions that create efficiencies; in this case, an environment where doctors are moving from room to room and need to work from different computers in different locations.

While virtual desktops as a concept can be beneficial to an organization, if used alone they can produce a variety of issues and limitations for those using them. For example, using hospital employees as an example again, as a group they tend to move from work station to work station frequently, logging into their applications and systems on a variety of workstation and switching between computers. Do so each time an employee switches computers is a major inconvenience, not to mention time consuming. Further, new and ever-changing regulations may prohibit the use of any type of shared account commonly found in a virtual desktop environment. For this reason, this is why many organizations have realized that the benefits of a virtual desktop can be made even greater if used in conjunction with a single sign-on or other automated access management solution.

The use of the virtual desktop continues to grow, however. As proof, in a 2012 study conducted by Spiceworks, more than 60 percent of organizations said they planned to roll out or evaluate desktop virtualization in the near term. Many also have or want to implement a single sign-on solution in conjunction with virtual desktops. The reasons for this are many.

Easy Movement

In healthcare, especially, clinicians need quick access to their computers and work stations. While a virtual desktop allows them the ability to easily move around to different rooms on their rounds, there’s usually quite a bit of wasted time because caregivers need to repeatedly log in to numerous applications. Anything that slows down the log in process can have a negative impact on patient care. Single sign-on solutions mitigate this issue, allowing end users the ability to provide their access credentials a single time and automatically be authenticated each time a program is launched. So, when an employee moves to another workstation in the hospital, they simply need to enter only one set of credentials and have access to everything they need to perform their jobs from that point for the remainder of their shift. 

Government Regulation

Another issue that many healthcare organizations may face in with virtual desktop environment is that employees often have share accounts on them, which can lead to HIPAA violations. Of course, HIPAA requires that healthcare organizations show exactly who has access to secure data, as well as ensures that this data is protected and kept safe. Additionally, health systems also must track who exactly is accessing secure and protected information and who is entering a system or retrieving information and making changes to the data, including patient information. 

Because of this, hospitals must eliminate all shared accounts to determine who is making changes where and to what information in the record. Single sign-on technology can assist with managing this process by allowing the users to use their own log in — which can be catalogued and tracked for auditing purposes — all the while only requiring them to remember a single set of access credentials. 

Increased Productivity

Another reason that health systems implement sing sign-on alongside their virtual desktops is because they have seen an increase in productivity overall. End users are able to quickly access what they need to complete their work, without needing to repeatedly log in to each system and application. For example, the log in process becomes even more of a hassle when a user forgets a password to one of his or her applications and is locked out of an account. Single sign-on applications make it much easier for users to remember their credentials, as previously discussed, since they only are required to know one set instead of several sets of complicated user names and passwords. This alone can save users a tremendous amount of time each day. 

Security

Lastly, single sign-on can make a virtual desktop more secure. The solution can be paired with two-factor authentication to add an additional layer of security. Two-factor authentication requires users to enter a PIN as well as present their access badge to access the computer or workstation. This ensures that the user is who they claim to be. 

Overall, virtual desktops, in conjunction with single sign-on, are able to help organizations protect their data, set parameters for who has access to it and meet the burden of regulation while also increasing organizational productivity including providing users with fast and secure, access to systems and applications used throughout the workday; especially important to those providing care to patients.

For more information, please visit our website - www.tools4ever.com . 

5 Ways to Know You Need an IAM Solution

Implementing an identity and access management solution scares many organizations’ IT leaders and their CEOs for a variety of reasons. Though doing so does cost money, the expense of doing so is probably not as much as if saved because of resulting employee efficiencies among other savings factors. Cost and investment are only a small factor to be considered.

Every organization must address password and account management issues. They can be overlooked, of course, and assigned to be managed by IT departments as they arise, but usually in every organization, there is a certain point where the problems created by poor access and identity management procedures interferes with productivity in an overwhelming fashion and begins to cost the organization unneeded time and money. That’s when it becomes a major issue.

So how do you know when it gets to this point and when your organization needs an IAM solution? The following are five ways that you know an IAM solution is needed to improve processes.

1. An abundance of calls to the helpdesk

Whether it is password or access issues, when your helpdesk is receiving an overload of calls each day, the amount of time spent managing the process and time wasted by employees to re-gain access to their accounts can have a devastating effect on the productivity of the end user. Contacting the helpdesk, staring a new ticket and solving the account and password issue is time consuming and an extreme annoyance when an end user is in the middle of something; especially if they are with a customer at the time they are locked out.

2. Full-time employee for account management

Many organizations need to hire a full-time employee just to handle provisioning accounts and making account changes. If this is a full-time position at your company it is because you are handling the account management process manually, which is time consuming and prone to error, not to mention, it is very expensive to hire someone to do these manual tasks full time.

3. Employees don’t have all their accounts created on first day of employment

If you have employees who, on their first day of employment, cannot start working because of lack of access to the systems and applications they need, this is shows an inefficient process. It usually takes up to a week for a new employee to have all the correct access they need, which is a monumental loss of productivity, time and money.

4. Users are accidentally left active after they are no longer with the organization

Often, when employees leave an organization, disabling their accounts is overlooked and they are left active on the organization’s network. Though this is easy to overlook, it can create a security risk. Once an employee leaves, their access should automatically be disabled so they are no longer able to retrieve anything in the organization’s network.

5. Each system or application has different employee information

If each of your organization’s systems and applications has different employee information, this can be a difficult environment to manage, especially when trying to keep all data in sync. Each system needs to have the most current and correct employee information. When an employee gets married and changes their last name, for example, changing this information in each system can take a great deal of time and easily be overlooked.

Are any of these happening at your organization? If your organization deals with one or more of these issues, you may benefit from an IAM solution. So, even though implementing the solution can be scary, the process is actually a lot easier than dealing with issues that are already occurring on a basis, and can save your organization time in the long run.

For more information, please visit our website - www.tools4ever.com . 

Access management for remote employees

Organizational IT leaders are most likely face a difficult decision related to allowing their employees to access company systems and information remotely or when working in a remote capacity. They are likely aware of the many benefits, but they have a dilemma: As more employees work outside of the office, how are they able to effectively provide efficient solutions to managing this data.

Solutions have adapted over the years so that employers can better benefit employees who work outside of the office. For example, technology solutions like single sign-on and self-service password reset, were first just for employees who worked in a collective work environment, in an office setting, but now they can now benefit all employees within an organization no matter the location of the employee.

For employees who work outside the company’s network, a single sign-on solution provides a way for employees to log into an “SSO anywhere” solution. This allows users who are not physically connected to the company network and want to use SSO, to log in from home or another location using their Active Directory credentials. In this scenario, users only have to enter a combination of password and user name once. This automatically logs them into all applications and resources across the company network and in the cloud, without the need of logging in again.

In regard to self-service password resets, many types of these solutions now allow users to log in and reset their passwords if needed, from anywhere. They simply choose the “Forgot My Password” button from the company’s log on window or portal and are then able to securely reset their passwords after answering several security questions. No need to burden the internal company helpdesk with calls seeking assistance.

For users on the go who use a laptop that does not have a connection to the company’s network, they click on the “Forgot My Password” button that is provided on the log-in screen. The SSO solution then presents the same questions as the normal self-service password reset procedure (with network connection). After correctly answering the questions, users can then be automatically logged onto the machine. In addition, many self-service reset password solutions also are mobile-friendly for those using their mobile phone, tablet or other device.

So, while remote employees might not enjoy other benefits of working at the office — such as free coffee, in-person camaraderie and copies — they can still benefit from using the company’s solutions.

For more information, please visit our website: www.tools4ever.com .

Wild Ways People Remember Their Passwords, and Why Breaches Are Likely Because of Them

Everyone has done it, used some kind of wild way to remember user names and passwords. Let’s face it, the rules for managing passwords is overwhelming. People are required to remember numerous sets of credentials for all of the systems and applications they need to access their job and personal life, but it’s often too difficult to remember them all.

In addition, passwords often are required to be complex with several different symbols and characters, and they often need to be changed every month or so. Given all of the rules and parameters, how is anyone supposed to keep track, and remember, all of this information on top of all the work they need to complete, PIN codes they need to recall and every other detail that takes up much needed bandwidth?

How do most people remember their passwords? Chances are they keep all of their pass codes in some type of non-secure method to remember them. Given my line of work with clients facing complex password issues, I’ve witnessed many wild ways in which end users use to remember passwords. Frighteningly so, some people even believe that their methods for password “storage” are safe and don’t realize that they are actually putting their organizations at risk.

Though organizational leaders may think that requiring employees to use complex passwords that get changed often is making their network secure, reality is this is often counterintuitive and leads employees to user unsecure methods.

Here are just some of wildest ways I’ve seen people store their passwords:

1. Since employees feel they have to constantly login, many folks keep their credentials in front of them, written on Post-It notes, pasted to their computer screen in plain sight of passersby. That just makes it a lot easier for hackers to gain access to critical information.
2. Some people think that if they hide their passwords, this will keep their information more secure. Many employees, however, actually keep their password sheets in their desk drawer or under their keyboards, falsely assuming no one will just open the drawer or move the keyboard and take a peek.
3. Recently, one of our employees visited the doctor’s office and saw that the receptionist actually had her passwords listed on a recipe card atop the desk next to her monitor in clear view of everyone coming and going. Next to that card were instructions – step by step -- for accessing all of her accounts.
4. Some people even use an invention that they believe is helping them keep their passwords safe: A type of notebook that looks like a phone book allowing them to write down their passwords and organize them. Sure, this is good for organization, but what happens when someone finds the notebook and has access to all of the credentials?

Chances are, many employees in virtually every organization use these methods, but these strategies can cause security risks for any organization. Luckily, though, there are easy ways to stop employees from using such non-secure methods.

One way is with a simple single sign-on solution. An SSO allows employees to create a single set of credentials for all of their systems and applications, eliminating the need to write down passwords or use other non-secure methods for storing their information. Employees simply log in with their credentials and thereafter are authenticated in each of their applications automatically after they are launched.

So, while it may be funny to read how employees remember their passwords, it won’t be funny when your organization faces a security breach because of it.

For more information, please visit our website at www.tools4ever.com

How To Implement and Manage a BYOD Policy (and Keep IT Happy)

Implementing a “bring your own device” (BYOD) policy for your organization can be extremely beneficial, but if not done correctly can also cause several problems. One of the main reasons that companies implement BYOD is to lower their costs associated with purchasing a large number of computers or tablets.

Many security issues can arise, as well as an increase in time spent by the IT department on setting up and monitoring all of the employee’s devices. Though BYOD may lower costs of technology, if not implemented correctly it can actually result in higher costs in areas such as the time and support from the IT department.

It’s important to correctly set up and manage your BYOD implementation right from the beginning.

Here are several ways your organization can get the most out of a BYOD policy while easily managing the risks:

Set Up a BYOD Policy From the Beginning:

Set Up Guidelines and Rules

By drawing up a set of rules right from the beginning, your employees will know exactly what’s expected from them, leaving little room for confusion. These rules will also allow the organization to define any repercussions if employees misuse or take advantage of the use of the BYOD policy.

Set Guidelines for the Types of Devices Allowed

One of the top issues with BYOD policies is that there are many different types, brands, operating systems, and more for devices.

When employees register their device with the company, they then expect the IT department to support it and resolve any issues with the device, which can be a headache for any IT department.

An organization needs to set, right from the beginning, which types and brands of devices they are going to support.

Implement a Mobile IAM Solution in Conjunction with BYOD

Easily Set Up and Manage Devices

In addition to all employee accounts, admins will now also have to set up and register all employee devices. In the beginning especially, there is a large influx of new devices that need to be added, which is extremely time consuming if it is done manually.

Mobile IAM solutions allow admins to easily add new devices by simply adding them in Active Directory. If desired, they can also allow users to register their devices themselves. End users simply fill out a web form that is set up for a work flow request, which will then be automatically be sent to the appropriate manager or department for approval.

Once the company decides which devices they are going to support, this can be set up in their mobile IAM solution. When a user then tries to register a device, only those that the company supports will be able to be registered.

Securing the Company’s Infrastructure

Since employees will keep their device once they leave the organization (because they own it!), there is the potential for them to have continued access company data.

Companies need to ensure that when an employee leaves they no longer have access to the company’s network and data. Though the solution seems simple–disable the user from the system and applications they have access to–this often, more times than not, goes unnoticed and the user remains active.

This is because IT needs to be notified of the employees leave and then manually disable them from all systems and applications individually. If an IAM solution is implemented, once an employee leaves the organization a manager can automatically disable the user’s access and deactivate their access to the network, ensuring the security of the company’s data.

By following these guideline organizations can hopefully gain the most out of BYOD while mitigating the risks that can potentially occur.


For more information, please visit our website - www.tools4ever.com

Reducing Organizational Costs by Eliminating Costly Mistakes

One of the major topics constantly on the minds of organizational leaders is, “How can I reduce costs?” Many times this is in terms of direct costs, such as employees and materials, as managers tend to look at employees’ salaries, materials, etc., used in day-to-day activities.

Frequently overlooked is the amount of time and money that goes into other aspects of running the business that cannot be physically seen. These include such things as the management of accounts, passwords, applications and other solutions. While not at first noticeable, these costs can add up, and there are ways in which expenditures can easily be reduced. If management and leaders sit down and actually add up how much it is costing them to manage employee accounts and passwords, the cost can be astonishing. Not only is the waste physical dollars, but can also be hours spent on processes that can be made more efficient.

The following are just a few of the common ways that an organization may be wasting money, as well as the actions that can be taken to easily reduce these cost wastes.

Account and Access Management Costs

Account and access management is a task that may be costing an organization more money than previously thought. In many cases, multiple staff members focus solely on provisioning, making changes and de-provisioning accounts throughout the year. Often, this is because these tasks are performed manually for each employee’s account, and while it is not difficult, they are extremely time-consuming tasks.

Frequently if there are a large number of employees beginning employment at a company, provisioning accounts in all the correct systems and applications for each employees can take hours. Then there is the issue of temporary or contract employees. Organizations who have employees who are only there for a short amount of time, and have frequent movement, spend much time provisioning, changing and de-provisioning these accounts. They need to ensure that these temporary employees have the access they need to perform their jobs while they are there, but then also that they are promptly disabled once they are no longer working for the company.

If there are full-time employees handling these account management actions, chances are they are highly experienced and trained and high-earning IT employees handing these task. Essentially, organizations are paying technical employees to perform these simple tasks.

In addition to the expenses of manual account management, access management may be costing organizations more money than is necessary. Between the provisioning, de-provisioning and movement of accounts, one item that tends to get overlooked is exactly who has access to what, who actually needs access to certain systems and applications and how many accounts are left active that need not to be. So, for example, companies may be paying for more license costs for an expensive application than are actually needed. Or even worse, they may be paying for accounts for people who no longer even work for the organization. These are all costs that might look minimal but when added up, are costing companies a substantial amount of money.




Password Management

Another major source of money waste is with the management of passwords. META Group research, conducted on behalf of PricewaterhouseCoopers, concluded that helpdesk tickets for password resets cost annually $60.93 per employee and 45 percent of all helpdesk calls are for password resets.

This doesn’t take into account the cost of time of employees who have to deal with password resets. Think about the time it takes for both the end user and the IT employee to reset a password.  Everyone is familiar with how annoying it is when they forget their password. You need to stop what you are doing to call the helpdesk, who in turn create a helpdesk ticket and manually reset your password. In addition to the annoyance, it has a negative impact on customer service if this happens to an employee when they are assisting one of your customers.

Though it is not a highly technical task, it takes time away from the both the end user and help desk employee, time which could be used doing something more productive.

Cost Saving Solutions

So how can these costs be reduced without a huge implementation of an expensive solution? First, let’s take a look at the account management issues. Something as simple as a solution that automates the account management process can save a great deal of money. By automating the account management process, highly technical staff no longer has to handle tasks that can easily be performed by other employees. The task can be easily delegated to a less technical helpdesk staff member or other employees in the company. With an automated account management solution, less technical employees can easily manage employee accounts using a secure form. They simply enter or make changes to an employee account in Active Directory, and the changes are automatically made in the connected systems and applications. Instead of having to manually create, change or disable accounts, the employee in charge of account management can just enter the information into the pre-set form so it is easier, and errors become less likely.

This is also beneficial when it comes to license costs. Instead of paying for accounts for employees that are no longer with the company, an automated account management solution allows you to simply check a box in the employee’s profile and all accounts are automatically disabled. Many solutions also provide an overview of access rights. This allows managers to see exactly who has access to what systems and applications to ensure they are paying for the correct number of licenses. If, say, there are any errors in access rights, an automated account management solution allows them to easily be corrected.

So what about the password resets? The easy solution to this is a self-service password reset solution.  Just like on many banking websites, numerous organizations have been implementing password reset solutions for their employees to use in the work setting. Employees simply enroll by providing answers to several challenge questions and when they need to reset a password the user simply provides the correct answer to the questions and are able to easily and securely reset their passwords without having to contact the IT department. This one small solution can save an organization hundreds or thousands of dollars each year, as well as alleviate many headaches for organizational leaders.

These simple solutions are both cost efficient and allow organizations to easily reduce costs for otherwise costly processes that often take up a large amount of time.

For more information, please visit our website; www.tools4ever.com

Identity and Access Management: Hot or Not?

Identity and access management (IAM) is increasingly being deployed within organizations across multiple sectors as they recognize that a progressive approach to IAM is crucial for their companies. Though not yet mature, the IAM market continues to grow because of a number of influences and developments. Some of the developments include, among others, cloud computing, web solutions, information governance and BYOD.

To better understand how the market in moving toward IAM, let’s take a look at some of the developments and their impacts.

Moving to and using the cloud

On-premise solutions are being used less and less. Where hardware and applications were previously used in abundance and managed internally, solutions are now being moved to the cloud with an increasing amount of frequency. A main advantage of moving to the cloud is that this strategy allows organizations to make the work of their employees more flexible and allows them to work wherever they are located and to be far less dependent on local servers and other hardware. Therefore, as long as an Internet connection is available, staff can gain access to their applications and to their work.

Also, cloud applications impose far fewer demands on the equipment on which the work is done. What this means specifically is that these solutions grant employees more opportunity to work more freely from any device, be it a laptop, tablet or smartphone, as well as a desktop computer.

However, the cloud has little benefit for making the management of identity and access management solutions easier, unfortunately. Where tight integration arrangements within a network were the norm, the required collaboration with multiple cloud suppliers -- which all have their own standards -- means processes can becomes more difficult to manage in some cases. Stated another way, cloud applications have their own password policies, which means traditional LDAP authentication with the Active Directory becomes considerably more complex in it set up. Automatic management of user accounts and rights within the application also is increasingly more difficult. Finally, in addition, existing on-premises APIs no longer work over the Internet, which requires the functional application manager to operate with a manual user management interface.

WebSSO (single sign-on)

 With the growing use of cloud solutions, employees continue to have difficulty keeping track of their account credentials; this is not a new problem, but one that seems to have exacerbated recently. An often attempted solution to this problem is to offer staff and employees a portal where direct links to the various URLs for the web applications are clustered. Employees then only need to remember one URL, which is that of their own portal. The problem is, though, employees still need to remember a number of usernames and passwords once they’ve access this one URL because the applications hosted within it still need to be accessed.

A simple fix to this problem is one many are beginning to realize -- organizations can deploy WebSSO. With single sign-on (SSO), end-users only have to authenticate themselves once, entering a username and password from the Active Directory. WebSSO then takes over the log in processes, allowing users to not have to enter log in details again when wanting to open an additional application. With this approach, a user only needs to be authenticated once when entering the portal and the single sign-on software takes over the login processes for the cloud applications. This process is not only more user friendly, but also is more secure as it reduces the need for end users to write down credentials down or store them improperly to remember them.

Identity and access governance

Strict regulation in a variety of industries and across multiple sectors is helping make the use of IAM solutions more prevalent. Organizations must comply with audits or information requests, so many leaders require that their organizations clean up their information stores and in so doing, they put any rights pollution under the microscope. Since rights are often issued on the basis of copy-user or template users, pollution can easily creep in during the initial granting of rights. Manually charting the rights granted is highly complicated and time-consuming. In many instances continually managing the rights structure is simply not feasible.

Therefore, by using identity and access governance, organizations are able to easily ensure that employees only have the access to the network resources required to perform their duties. In the past, identity and access governance was largely the domain of financial institutions and major international concerns. Because of regulation and the increased need for the protection of data, governance of information is becoming more prevalent to a variety of institutions, including those in healthcare, small to enterprise companies and other commercial operations.

Broad access to information systems

Another recent development affecting the expansion of IAM solutions throughout enterprise is the increasing need to make information widely available to many parties. Growing numbers of people want or need access to information and information systems. For example, local authorities and  municipalities now allow the public regular access to their information systems to access certain data points or records. Within healthcare sector, patients require the ability to view their own medical details through secure portals and web-based sites.

Organizations are taking the initial steps and alongside their Active Directory are building up an LDAP store to enable broader access to information systems. This means that in addition to staff, external parties must also be provisioned and made known within the network. A user ID is needed and people must authenticate themselves to gain access to the information systems. With identity and access management it is possible to automate the provisioning and authentication process to reduce the overwhelming amount of manual tasks the IT department needs to perform.

Overall, the IAM market is hot continues to grow, evolving to meet the needs of organizations and the changes that they are making within their companies to operate more efficiently and change with the changing times.


For more information, please visit our website at www.tools4ever.com.

Reducing Menial IT Tasks through Automation and Provisioning

There are many identity and access management solutions out on the market that claim to have all sorts of magical benefits for the organizations they serve. If your firm is not having any major IAM issues, though, you may be wondering, “Does my organization really need any of these solutions?”

The truth is that you may believe that your systems are secure, that you have given your employees all the tools to be efficient and that accounts are being provisioned effectively for your employees. But, if you take a closer look at these processes, you may see that there is much room for improvement. 

Although there might not be a major issue that needs to be solved, an IAM solution can save your organization significant time and money and easily help meet audit requirements. The following are just a few of the processes that can be drastically improved by an IAM solution.

Efficiently provisioning accounts

Accounts seem to be getting provisioned by your system admins in a timely manner, so why would you need any type of solution in place? If you begin to add up the time spent on this task, though, especially for large organizations, the process of provisioning accounts can be daunting and result in many errors.

Often, new employees do not even have their network accounts correctly provisioned their first day of employment and have to wait several days to have their appropriate access set up. These are wasted dollars for your organization, as the employees wait unproductively. In addition, provisioning accounts is a menial task that takes up a considerable amount of time of advanced IT employees or even requires the organization to have a full-time employee just to perform this task.

A case example of this was Lifestyle Hearing. The organization spent a great deal of time ensuring that employees had accounts properly created. Franco Butera, IT director, said, “This task took about half an hour for IT to complete, and that was only if we had all the correct information from the beginning. If not, we had to track down the employees in an attempt to get the information, and wait for a response that could take up to an hour or more.”

The organization implemented an automated account management solution that allows human resources to have controlled access through a Web-based form. They can now easily create accounts by entering the employee’s information, defining their profiles and which systems they need to access. Lifestyle Hearing previously had a four- to five-day window for account creation, but using an account management solution, employees are now able to have their accounts created right away and start working the same day they are hired.

Easily securing the network

Your organization may have taken many precautions, and you believe that your network is safe as it can be. However, take a walk past your employees’ desks and see the Post-its they have scattered around with their credentials written on them, or do a little searching and find a paper with a list of their credentials in their desk drawer, often with detailed login instructions. This is not only an annoyance for your employees, but also a major security risk.

This was the issue that Needham Bank was having. End users at the bank needed access to several different systems and applications to properly assist customers. “End users became frustrated at the number of disparate passwords they had, and the frequency they would have to enter the user names and passwords,” said James Gordon, first vice president of information technology at Needham Bank. The organization implemented a single sign-on solution that allows employees to log in with a single user name and password, and thereafter gain access to all systems and applications for which they have authorization, drastically reducing the login time.

With a single set of credentials, employees no longer have to write down their passwords to remember them, which resulted in greatly improved security.

Greater productivity — efficiently reset passwords

You may not think much about when your employees need their password reset, but this is actually the single most common call that employees make to the help desk. Though this is an easy task to manage, it is time consuming for both the help desk and the end user. In addition, this is a major problem for employees who work outside the times of the help desk. If end users work nights, weekends or even in a different time zone and are locked out of their account and unable to contact the help desk to reset their password, this leaves them unable to access their applications or system until the help desk receives and processes the request, leaving them unproductive.

National Geographic experienced this issue. Nat Geo’s employees need to access several cloud applications, including Google Apps, with different credentials for each to perform their jobs. This became an issue when employees had difficulty logging in because they forgot their passwords and were unable to contact the help desk as they are located in different time zones around the world, outside of the business hours of the help desk.

With a self-service reset password solution employees simply answer predefined security questions and are able to reset their passwords, even in the middle of the night, without contacting the help desk. This allows them to quickly resolve their password issues and continue with their work.

Overall, though your company might not be having a major IAM issue that needs quick attention, there are many IAM solutions that can greatly improve upon the processes that your organization has in place. No matter how big or small, or what industry your company is in, it is beneficial to at least take a look at how an IAM solution can help improve your organization. 


For more information, please visit our website at www.tools4ever.com. 

Mobility and the Cloud: No new trend but an ever-evolving issue

The trend that’s continuing to surge for workforce employees is mobile, on-the-go work and work from home despite some pull back from large organizations, like Yahoo! In the last six years telework grew a staggering 73 percent . In addition, one of four U.S. employees works remotely at least some of the time. These statistics don’t include all of the people who travel regularly and work remotely because of this.

Though working remotely has many benefits or organization and their employees, the cloud and mobility can bring about issues for both the organization’s IT department and the end user. Richard Branson, founder of Virgin Group, was recently quoted making the bold statement that “one day offices will be a thing of the past.” Until then, though, some of the issues with working remotely need to be ironed out.

Managing Accounts for Remote Employees
 Correctly provisioning accounts for hundreds or thousands of users who are not physically working within the walls of an organization can be a major headache, and also can be an issue for the end user as employees need access to their accounts quickly and correctly provisioned so that they can begin their work and have access to the systems and applications that they need. In addition, ensuring that employees who are no longer with the company are correctly de-provisioned also needs to be done properly. A disgruntled employee who has access to the organization’s network can cause a great deal of havoc to its data.

Losing Track of Who Has Access to What
 Amidst all of the account provisioning, granting access and revoking access to the many cloud applications, organizational IT leaders can easily lose track of exactly who has access to what. This can become not only a security issue, but also a problem for licensing costs since the organizations does not know exactly how many licenses they need to be buying. In addition, this can be a problem when needing to audit systems since it is difficult for the organization to show and document who has access to secure data.

Dealing with Password Issues
 Like employees working onsite, those working remotely tend to have difficultly remembering their credentials for the many different cloud applications they need to access. This is especially true for employees who are on the go, and contacting the IT department can be a major hassle. Needing to contact the helpdesk to have a password reset while working remotely is not only a huge annoyance for the end user, but also for the IT department since it tends to receive copious amounts of these types of calls.

So how can all of this be solved? Several leading organizations have chosen to use identity and access management solutions for resolving most of these issues. An automated account management solution can allow the IT department at any organization to easily complete a form, check the boxes for which systems accounts need to be created in and accounts are automatically provisioned. This task can even be delegated to less technical staff if needed, such as help desk employees.

When employee accounts need to be disabled, help desk employees can easily de-provision users without manually going into each system and application. Additionally, the accounts also can be placed into a different category, where they have limited access to systems, but can still utilize other aspects of the accounts.

To keep track of exactly who has access to what, a centralized dashboard can be used to provide an overview of which users are deployed in each cloud application. This allows the organization to know exactly who has access to what, and how many licenses they need for each cloud application.

To help with password issues, single sign-on solutions work well with cloud applications. This allows users to login in once with a single set of credentials and thereafter gain access to all other applications they are authorized for. If a password does need to be reset, a self-service password reset software is another type of solution that can be helpful to remote employees. This type of solution allows end users to reset their own passwords without having to contact the help desk. Employees and students can answer security questions that they have previously provided answers to, and quickly reset their passwords.

With all or some of these solutions, organizations are able to provide a better experience to their users who are working remotely, and allow them to work more efficiently wherever they are.

For more information, please visit our website - www.tools4ever.com.