Alleviating Password Management Demands on Your IT Service Desk SOLUTION WHITE PAPER



Similar documents
Taking the Service Desk to the Next Level BEST PRACTICES WHITE PAPER

ROUTES TO VALUE. Business Service Management: How fast can you get there?

CA Service Desk Manager

Unleash the Full Value of Identity Data with an Identity-Aware Business Service Management Approach

Leveraging the Synergy between Identity Management and ITIL Processes

Meeting the Challenge of Service Request Management SOLUTION WHITE PAPER

How can Identity and Access Management help me to improve compliance and drive business performance?

Track-It! 8.5. The World s Most Widely Installed Help Desk and Asset Management Solution

Release Management for BMC Remedy IT Service Management version 7.0 WHITE PAPER

Measuring Success Service Desk Evaluation Guide for the Midsized Business: How to Choose the Right Service Desk Solution and Improve Your ROI

P-Synch by M-Tech Information Technology, Inc. ID-Synch by M-Tech Information Technology, Inc.

DirX Identity V8.4. Secure and flexible Password Management. Technical Data Sheet

CA Service Desk On-Demand

DirX Identity V8.5. Secure and flexible Password Management. Technical Data Sheet

WHITE PAPER. iet ITSM Enables Enhanced Service Management

LANDesk Service Desk. Outstanding IT Service Management Made Easy

Streamlining Service Request Processes: A Key to Business Success

Keep Users Happy By Integrating I.T. Operations and I.T. Support

Transforming IT Processes and Culture to Assure Service Quality and Improve IT Operational Efficiency

Choosing an SSO Solution Ten Smart Questions

Password Management Before User Provisioning

Provide access control with innovative solutions from IBM.

Understanding ITIL Service Portfolio Management and the Service Catalog. An approach for implementing effective service lifecycle management

Scalability and BMC Remedy Action Request System TECHNICAL WHITE PAPER

IBM Tivoli Service Request Manager

Foundation ACTIVE DIRECTORY AND MICROSOFT EXCHANGE PROVISIONING FOR HEALTHCARE PROVIDERS HEALTHCARE: A UNIQUELY COMPLEX ENVIRONMENT

SOLUTION WHITE PAPER. Configuration Management Database (CMDB) Cornerstone of ITIL-based Integrated Service Support

BMC Track-It! Key Benefits

Simplify and Automate IT

White paper December Addressing single sign-on inside, outside, and between organizations

Regulatory Compliance Using Identity Management

The Modern Service Desk: How Advanced Integration, Process Automation, and ITIL Support Enable ITSM Solutions That Deliver Business Confidence

Extend the value of your service desk and integrate ITIL processes with IBM Tivoli Change and Configuration Management Database.

WHITE PAPER. ITIL for the Small and Mid-sized Business (SMB)

Symantec Security Compliance Solution Symantec s automated approach to IT security compliance helps organizations minimize threats, improve security,

Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009

Vyom SSO-Edge: Single Sign-On for BMC Remedy

Applying ITIL v3 Best Practices

SOLUTION WHITE PAPER. Align Change and Incident Management with Business Priorities

GoldMine Datasheet Title. Subtitle: Reinvent your Sales, Marketing and Support Proceses. IT Must Innovate to Meet Rising Business Expectations

SOLUTION WHITE PAPER. Remedyforce Powerful Platform

Integrating Hitachi ID Suite with WebSSO Systems

VoiceTrust Whitepaper. Employee Password Reset for the Enterprise IT Helpdesk

Improving PCI Compliance with Network Configuration Automation

identity management in Linux and UNIX environments

BMC Asset Management SAP Integration

How To Create A Help Desk For A System Center System Manager

MCB Bank Ltd Increases Compliance with Service Level Agreements by 180 percent with CA Service Desk Manager

How to Improve Service Quality through Service Desk Consolidation

BMC Cloud Management Functional Architecture Guide TECHNICAL WHITE PAPER

Getting the Most From. Your Help Desk

Simplify and Automate IT

Supportworks ITSM Foundations A Bite-Size approach to ITIL adoption

SOLUTION BRIEF CA SERVICE MANAGEMENT - SERVICE CATALOG. Can We Manage and Deliver the Services Needed Where, When and How Our Users Need Them?

BSM for IT Governance, Risk and Compliance: NERC CIP

Service Offering: Outsourced IdM Administrator Service

Security management solutions White paper. Extend business reach with a robust security infrastructure.

ORACLE ACCESS MANAGER

White Paper Achieving PCI Data Security Standard Compliance through Security Information Management. White Paper / PCI

Oracle Role Manager. An Oracle White Paper Updated June 2009

HP Services Global Service Desk with esupport. Innovative technology and business processes that transform IT support for your employees

Global Headquarters: 5 Speen Street Framingham, MA USA P F

Passlogix Sign-On Platform

From Managing Boxes to Managing Business Processes

Professional CRM Support. Telephone: Website:

BMC Control-M Workload Automation

Softchoice Solution Guide: five things you need to know about single-sign on

Moving beyond Virtualization as you make your Cloud journey. David Angradi

TECHNICAL WHITE PAPER. Introducing BMC Control-M Self-Service

BMC Remedy IT Service Management Concepts Guide

Share this ebook! Top 7 Benefits IT Process Automation Provides MSP s 1

Protecting Data-at-Rest with SecureZIP for DLP

Service management White paper. Manage access control effectively across the enterprise with IBM solutions.

Server-based Password Synchronization: Managing Multiple Passwords

Total Protection for Compliance: Unified IT Policy Auditing

Copyright 11/1/2010 BMC Software, Inc 1

Best Practices Report

Predictive Intelligence: Identify Future Problems and Prevent Them from Happening BEST PRACTICES WHITE PAPER

Business Service Management Cyril Gobrecht Business Solutions Manager Halim Belkhatir Regional Manager. 17 December 2008

Benefits of an ITIL Help Desk in the Cloud

Cisco TelePresence Select Operate and Cisco TelePresence Remote Assistance Service

Minimize Access Risk and Prevent Fraud With SAP Access Control

Software change and release management White paper June Extending open source tools for more effective software delivery.

Creating Service Desk Metrics

Controlling Web Access with BMC Web Access Manager WHITE PAPER

SOLUTION WHITE PAPER

Accelerating the Transition to Hybrid Cloud with Oracle Managed Cloud Integration Service

Executive Dashboards: Putting a Face on Business Service Management

Device Lifecycle Management

Published April Executive Summary

Transcription:

Alleviating Password Management Demands on Your IT Service Desk SOLUTION WHITE PAPER

Table of Contents Executive Summary...1 The Importance of Automation...2 The Role of Password Management in Modern Business...3 Freeing up the Support Analyst...3 The Cost of Password Support...4 Addressing Password Management at Level Zero...4 End user Empowerment...5 Transparent Password Synchronization...5 Increased Value of Support Analyst...6 Beyond Password Management to Identity Management...7

Executive Summary Over the past decade, many organizations have recognized the critical benefits that the IT service desk provides to internal and external customers. Now, as business becomes more reliant on IT and as IT becomes increasingly more complex they are looking for ways to eliminate some of the burden on the IT service desk, and enable users to resolve some of their more basic issues through user self-service. Through the automation of key processes, such as password reset, IT is able to improve the efficiency of the service desk, while also empowering users to resolve issues on their own through self-service technologies. This paper will: > Examine the role of password management, including overall support management capabilities, solution economics, and customer and IT service staff satisfaction levels > Discuss the benefits of user self-service > Explore the value of fully integrating password management into a comprehensive service desk solution PAGE > 1

The Importance of Automation Your service desk is the first point-of-contact between your users and IT. Your service desk analysts field calls on a variety of issues, ranging from the simple but time-consuming (password resets) to the complex (system failures). To respond to this range of incidents, most organizations have three tiers of support, starting with IT service desk at Level 1 and moving to Levels 2 and 3 with increasing complexity, touch, and cost. Level 2 involves a technical staff resource from application development, while Level 3 escalates further to a strategic staff resource from the business. Not surprisingly, the cost per transaction has a direct correlation with the level of support tiers, increasing significantly as higher tiers are reached. For example, password resets handled by Level 1 staff cost, on average, $12 per transaction, while Web self-service costs $2 1. To improve efficiency and lower costs, organizations are looking to Web self-service as a new level of support Level 0. The goal of Level 0 support is to quickly resolve incidents through automated tools that require minimal touch and therefore minimal cost. Gartner 1 categorizes the IT service and support demand mix in the following manner: > Service request: IT-or non-it-related service requets regarding a range of support-specific service offerings > Installs, moves, adds, and changes (IMAC): End-user for IT install, moves, adds or changes that aren't the result of IT infrastructure failure > How-to: End-users submit problems about how accomplish, access or operate IT resources > Password security: A specialized end user problem regarding establishing or regaining access privileges to IT resources > Outage: A specialized case of an end-user break/fix problem problem that affects a substantial group of end users > Break/fix: End-users can't access or operate IT resources for various reasons Figure 1. Password Management s Impact on Service Desk Calls As Figure 1 shows, Password Security represents a solid percentage of the calls coming into the service desk. Imagine the impact on your service desk team s efficiency if password management functionality could be provided to users as a Level 0 service instead whether as part of an automated self-service offering or as functionality integrated directly into the service desk environment. PA G E > 2

The Role of Password Management in Modern Business Organizations large and small have adopted passwords as the primary method to authenticate users. While this provides a dependable way to secure access, it also raises significant password management challenges for end users and IT support staff. The complexity of the IT enterprise presents users with a vast number of applications requiring diverse authentication criteria. Although modern business requires this rich tapestry of services, managing a large set of passwords can be a very time-consuming process with many drawbacks. Some of the basic challenges facing IT support organizations and service users are: > A large percentage of all service calls are for password reset (average is 30 percent of all calls). > Users have too many passwords, thus passwords are often forgotten. > Passwords don t meet internal policies, and as a result, password strength is compromised. > Passwords are often chosen so that they are easy to remember and therefore easy to guess (for example, Jane Doe uses these passwords on three systems: JDoe001, JaneD4, JD1001). > Passwords are not changed periodically and there is no enterprisewide standard across all systems and applications. > Passwords are often recycled and reused, or in some cases, are simply appended (for example, password MUSTANG is revised as MUSTANG01). > Passwords are written down: Under keyboards, on dryerase boards, on notepads, on the back of business cards. Freeing up the Support Analyst The proliferation of password-protected applications and systems, especially following the growth of e-business, has created a challenge for people who have accumulated access to several systems as they move across organizational roles. It is not uncommon for people to experience password problems. A typical user with four or more passwords may log onto his or her desktop successfully, and even connect to a data warehouse or ERP applications; however, he or she may have difficulty remembering the password to some other, lesser-used accounts. After all, a single user often has many passwords and each has to be changed every few months. Adding another degree of complexity, corporate password policies with differing operating system and application password strength abilities seem to encourage users to adopt ill-advised practices, such as writing down passwords. Eventually, as password histories and complexities grow, organizations normally encounter an increase in service desk calls for password management assistance. It is not surprising that password-related incidents represent 20 to 35 percent of the incoming incidents on any given day (see Figure 1). Support analysts are relegated to responding to an increasing volume of Level 1 tickets around password reset. While resolution to password-related calls is typically less complicated than other Level 1 incidents, it does monopolize the support analyst s time and increases the average queue time of other issues. In some circumstances the support analyst does not have immediate access to the application that the user is trying access, therefore making the task of resetting the password much more tedious and time consuming. Thus, both support analyst and end user productivity are significantly impacted by a simple request. PAGE > 3

The Cost of Password Support How significant is this burden? If we consider a day in the life of a support analyst, we will quickly recognize that up to 20 to 35 percent of incoming tickets are password-related. What s more, large organizations with 5,000 or more employees can generate upwards of 100,000 individual tickets per year. Examining the cost delta of handling the calls at Level 1 (through the IT service desk) at $12 a call versus Level 0 (through automated user self-service) at $2 1 a call, we can estimate a maximum savings of $350,000 in year one. This cost number is substantial when you consider that the cost of implementing automation is several times lower (even when only considering the year one savings). There are other costs as well. The degradation of employee productivity, though a soft-dollar cost, carries a significant impact to an organization. Addressing Password Management at Level Zero By adopting a password management solution, an organization can leverage automation technologies and service processes to alter the delivery model from one-to-one (support analyst to end user) to one-to-many (automated password management to end user). A password management solution can bring better-quality service at increasingly lower costs and with powerful features, including self-service, password synchronization, regulatory compliance, and security. Automated password management delivers standardized authentication strength controls, such as password length, character combinations, password histories, and more, and is accessible in many forms. Users can access password management services from Web browsers, kiosks, or directly from desktop network access clients. In some applications, IT support analysts can leverage password management functionality directly from their incident and problem management application. What to consider when looking at password management offerings > Is the self-service password management application available through a Web browser, enabling end users to reset their passwords remotely across the intranet or Internet? > Does the self-service application provide end users with an online status report of their password changes? > Are end users able to select a subset of accounts for which they wish to reset their password? > Is the password management functionality part of an identity management solution that provides Interactive Voice Recognition (IVR) integration to allow end users to reset their passwords using an automated voice service? > Can the identity management solution support transparent password synchronization, so that the system intercepts password changes in real time and propagates the new password to other managed systems? > Does the password management solution integrate with your service desk application? Password management solutions, whether implemented as standalone capabilities or as part of a comprehensive identity management environment, provide relief to end user or service consumer problems and add greater flexibility and strength to the IT enterprise. Whether an organization wishes to synchronize a singular password across all of the access accounts for a person (reducing the password complexity to one singular password) or they just wish to empower their IT service desk with a central tool for managing password service requests, today s password management solutions can satisfy the requirements. PAGE > 4

End user Empowerment One of the more common deployments of a password management solution is self-service/password reset (SSPR), which enables end users to manage and reset their own passwords through traditional (user name and password) or alternative ( challenge-response queries) authentication data. The primary benefits lie in the reduction of service costs (the time spent by systems administrators and support analyst staff). The most typical scenario forgotten passwords is addressed via an alternate authentication method, such as challenge and response. This approach uses a set of challenges and responses set up by, and known only to, the user: users are authenticated by providing correct answers to challenges. Once verified, the individual creates a new password that is propagated to the user s various accounts. This tool is ideally Web-based. With a flexible password management solution, organizations may utilize site defined and/or user-defined challenges. Sitedefined challenges establish general corporate challenge fields (such as mother s maiden name, employee number, etc.) while user-defined challenges are personally generated and maintained by the end user. In either case, authentication complexity is reduced and adheres to a well supported or documented set of standards. Deploying a self-service/password reset solution reduces service desk calls and improves the end user experience. An auxiliary means of enabling self-service is authentication through voice recognition. By integrating a password management solution with an IVR system, users can authenticate with a voiceprint; once authenticated by voiceprint, the system will generate a new user password and read it back over the telephone. The key benefit is faster service to the consumer and a reduction in IT service desk call volume. Transparent Password Synchronization Password synchronization can play a big role in supporting the password management in large enterprise settings. Password synchronization enables end users to change their passwords in a standard manner for a selected set of platforms. Password changes are intercepted by the password synchronization system and propagated to all of the other accounts owned by the end user, resulting in a single password for all accounts belonging to that user. This approach provides a transparent synchronization capability implemented through existing and familiar user interfaces. Password synchronization improves the end user experience. While password management solutions can provide selfservice functionality, they can also increase the productivity of the support analyst in situations where they must reset a user s password. The password management system enables the password to be reset across multiple systems. This reduces the time, complexity, and expertise normally required to support multisystem password resets. PAGE > 5

Increased Value of Support Analyst While most password management solutions offer distinct self-service benefits to an organization s end users, some offer capabilities for the IT service desk staff as well. For example, the BMC Password Management solution is directly integrated into the BMC Remedy Service Desk application. By exposing password management functionality from within BMC Remedy Service Desk, a support organization can consolidate all the issues related to password management into one comprehensive incident and problem management application in support of all incoming tickets across the organization. This integration ensures that regardless of whether the password service request was initiated through the Web, e-mail, telephone, or desktop client or by an event from a network or system management application the BMC Remedy Service Desk multichannel customer request interface consolidates and handles the password requests from submission to final resolution. Exposing password management functionality from within the BMC Remedy Service Desk user interface allows IT support analysts to play a more effective role in supporting end users who cannot leverage self-service functions to resolve their issue. Consider the scenario where an end user is locked out of his or her desktop or specific application, and thus calls the IT service desk. The support analyst without needing to leave the primary support application can access BMC Password Management functionality directly from within BMC Remedy Service Desk. Within three steps from within the user interface of the BMC Remedy Service Desk application, the analyst can perform the following functions: > Search for the user > Select the account to be managed > Reset the password or status of that account for the user Having your password management solution integrated into your incident and problem management environment allows your IT service desk to deliver enterprise-class incident and problem management with real-time dashboards for easy reporting, tightly integrated knowledge management, and end user self-service. Figure 2. The BMC Password Manager plug-in for BMC Remedy Service Desk PAGE > 6

Beyond Password Management to Identity Management Today s modern enterprise demands that IT service solutions are implemented in a manner that is synergetic with other areas of IT operations. Service and support tools for change management, service level management, patch management, configuration management, and knowledge management all play a role in how proactive an enterprise is in aligning their IT infrastructure to respond to their business needs. Regulatory compliance mandates, such as Sarbanes-Oxley, are also establishing new demands on IT operations and reinforcing the requirement for better alignment with the IT security side of the business. Today more than ever, it is critical for organizations to be able to answer the following four questions: > Who are your users? > Who has access to what? > Who approved that access? > How is that access being used? These new requirements of strategic alignment have placed new functional emphasis when you consider discrete solutions, such as automated password management. When evaluating a password management offering, you should be sure to consider how such a solution will integrate with your service desk strategy and overall identity management direction. Password management, after all, is only one aspect of a comprehensive identity management strategy that usually includes additional applications, such as directory management, access control, user administration and provisioning, audit and compliance management, and other functions that are intended to solve uniquely related aspects of identity management across the enterprise. eweek 2006 Excellence Awards named BMC Identity Management the winner in the Authentication & User Management category. Indeed, with Identity Management Suite, BMC has done an excellent job of integrating all the parts of an enterprise ID management system allowing companies to actually fully benefit from all of its capabilities. Directory Management and Visualization Manage people data: Data extraction Development studio Data synthesis A significant challenge occurs when your organization needs to provide the right access to the right people in a secure manner without impeding their productivity. The BMC Password Management solution eliminates the hassles encountered by end users who must handle and remember multiple passwords. Incidents associated with access are rapidly resolved by combining self-service management abilities, powerful password management capabilities, and integration with BMC Remedy Service Desk, thus reducing service desk costs. Endnotes BMC Identity Management Suite Access Management Control and enforce access privileges: Web SSO Federation Enterprise SSO User Administration and Provisioning Manage entitlements: User provisioning Account reconciliation Automated administration Password Management Manage passwords: Self-service Synchronization Account reset Business Process Workflow 1 Gartner Presentation, "Service Desk Futures in People, Process, Technology", by David Coyle, November 28-December 1, 2006. Audit and Compliance Management Control and enforce policy compliance: Personalized dashboard Event reporting and archiving Separation of duties PAGE > 7

About BMC Software BMC Software delivers the solutions IT needs to increase business value through better management of technology and IT processes. Our industry-leading Business Service Management solutions help you reduce cost, lower risk of business disruption, and benefit from an IT infrastructure built to support business growth and flexibility. Only BMC provides best practice IT processes, automated technology management, and award-winning BMC Atrium technologies that offer a shared view into how IT services support business priorities. Known for enterprise solutions that span mainframe, distributed systems, and end user devices, BMC also delivers solutions that address the unique challenges of the midsized business. Founded in 1980, BMC has offices worldwide and fiscal 2006 revenues of more than $1.49 billion. Activate your business with the power of IT. For more information, visit www.bmc.com. BMC Software, the BMC Software logos and all other BMC Software product or service names are registered trademarks or trademarks of BMC Software, Inc. All other registered trademarks or trademarks belong to their respective companies. 2007 BMC Software, Inc. All rights reserved. *68182*

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information