From preparing cost estimates and analyses all the way to meeting with customers – the day-to-day workload for employees is demanding and mostly driven by lengthy to-do lists. This calls for multi-tasking, which often has to accommodate homeschooling due to the pandemic. What is the relevance of a password in the context of these daily challenges? It’s an aspect that is often belittled and yet 30 per cent of help desk requests to internal IT departments can be attributed to resetting passwords and unlocking accounts. As a result, IT professionals waste valuable time managing passwords rather than addressing more urgent security problems. To make this inconvenience a thing of the past, more and more companies are turning to the self-service reset password manager. This solution allows users to look after their passwords themselves without having to get the IT department involved. Nevis explains how this technology works and how easy it is for a company to introduce the multi-factor authentication (MFA) needed to implement this solution.
When even the abbreviation contains five letters
The rather long-winded name ‘self-service reset password manager’, or SSRPM, makes it sound quite complicated. While it may be complicated, it is in no way inconvenient and is entirely straightforward. The password manager gives end-users the option to reset and change their passwords themselves. This eliminates the need to consult an administrator or a help desk.
How does the manager actually work?
The starting point is the authentication of a user who wants to unlock their account or reset their password. Once SSPRM has been implemented in the Single Sign-on process, the user simply presses the ‘forgotten password’ button to access the user interface of the manager. The user must then answer the previously defined security questions. If the answers are correct, the manager responds by offering one of the following options (which has b department in the configuration editor):
- The user is allowed to create a new password
- A new password is created and sent to the user
- A new password is created, sent to the user and the old password is marked as expired
In each case, the user’s access authorisation is retained and they can access their data in the usual manner once their authentication is renewed. This frees users from their reliance on their IT help desk. Instead, they can access the self-service manager anytime and anywhere to update passwords themselves.
Comprehensive benefits for employees and IT professionals
The self-service reset password manager offers countless benefits that enhance usability while also positively impacting the company as a whole.
- One definite bonus for IT departments is the reduction in the amount of time lost to routine password management thanks to greater user independence. The elimination of tickets relating to passwords relieves the burden on IT help desk employees – who can then turn their focus to other more pressing IT issues. This in turn boosts the productivity of entire IT departments.
- At the same time, the self-service function makes users more independent and lets them perform basic password management tasks irrespective of help desk availability. The continuous availability of password management services reduces outage times while the improved usability bolsters flexibility and user satisfaction.
- Implementing the password manager also frees up more of your IT budget. Once installed, the SSPRM runs automatically without the need for additional technical support. The IT department can stop dealing with password management altogether and watch the return on investment grow.
- With the help of the password manager, company standards and policies can be standardized and implemented. Administrators can store passwords in the configuration editor and retrieve them automatically when needed. Administrators can also select various password policy options, including functions for logging failed authentication attempts or locking accounts.
- Implementation of the password manager elevates network security and ensures better protection of critical company data by eliminating careless mistakes on the help desk and by automating password management.
The added benefit of MFA in SSRPM
Multi-factor authentication is the highest and most up-to-date standard for companies looking to maximise their level of digital data protection. It can be embedded into the SSRPM’s authentication process and adds additional security barriers without creating extra work. MFA combines more than two authentication technologies from the three groups of authentication factors – possession (something you have), knowledge (something you know) and inherence (something you are). These include factors such as a PIN, a token or biometric factors such as an iris or fingerprint scan. Since these are tamper-proof and always available, they improve both security and ease of use by preventing identity theft and ensuring that access is only granted to those who are entitled to it.