TOP. Steps to Success. TOP 10 Best Practices. Password Management With a Plan. www.avatier.com

Similar documents
Welcome Guide for MP-1 Token for Microsoft Windows

NETWRIX IDENTITY MANAGEMENT SUITE

Service Desk R11.2 Upgrade Procedure - Resetting USD passwords and unlocking accounts in etrust Web Admin

Server-based Password Synchronization: Managing Multiple Passwords

AD Self-Service Suite for Active Directory

Password Manager Windows Desktop Client

Self-Service, Anywhere

Encrypted Users Guide. Revised 6/8/2015

DirX Identity V8.4. Secure and flexible Password Management. Technical Data Sheet

Software Update Bulletin

Cloud Services Catalog with Epsilon

Allidm.com. SSO Introduction. Discovering IAM Solutions. Leading the IAM facebook/allidm

Service Offering: Outsourced IdM Administrator Service

DirX Identity V8.5. Secure and flexible Password Management. Technical Data Sheet

Password Management Buyer s Guide. FastPass Password Manager V 3.3 Enterprise & Service Provider Editions

Lesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment

Critical Issues with Lotus Notes and Domino 8.5 Password Authentication, Security and Management

Understanding and Configuring Password Manager for Maximum Benefits

The Challenges of Administering Active Directory

NetWrix Password Manager. Quick Start Guide

ManageEngine ADSelfService Plus. Evaluator s Guide

BEST PRACTICES. Systems Management.

Chapter 1 Scenario 1: Acme Corporation

GoldMine Datasheet Title. Subtitle: Reinvent your Sales, Marketing and Support Proceses. IT Must Innovate to Meet Rising Business Expectations

Planning and Administering Windows Server 2008 Servers

BitLocker Encryption for non-tpm laptops

User Guide. Version R91. English

(A) User Convenience. Password Express Benefits. Increase user convenience and productivity

Managing and Maintaining Windows Server 2008 Servers (6430) Course length: 5 days

McAfee Endpoint Encryption (SafeBoot) User Documentation

Microsoft Windows Intune: Cloud-based solution

How to best protect Active Directory in your organization. Alistair Holmes. Senior Systems Consultant

Foundation ACTIVE DIRECTORY AND MICROSOFT EXCHANGE PROVISIONING FOR HEALTHCARE PROVIDERS HEALTHCARE: A UNIQUELY COMPLEX ENVIRONMENT

Windows Phone 8.1 in the Enterprise

Planning and Administering Windows Server 2008 Servers

Password Management Before User Provisioning

MSP Service Matrix. Servers

Centralized Self-service Password Reset: From the Web and Windows Desktop

How to Use Remote Access Using Internet Explorer

IBM Tivoli Service Request Manager

B2B Quick Start Guide

Planning and Administering Windows Server 2008 Servers

Active Directory Compatibility with ExtremeZ-IP. A Technical Best Practices Whitepaper

ManageEngine Desktop Central Training

Monash Health Self Service

Passlogix Sign-On Platform

Step-by-Step Guide to Securing Windows XP Professional with Service Pack 2 in Small and Medium Businesses

ADSelfService Plus Client Software Installation Guide

Password Reset PRO INSTALLATION GUIDE

NetWrix Logon Reporter V 2.0

NetIQ Advanced Authentication Framework. Maintenance Guide. Version 5.1.0

Microsoft Exam

Administration Guide ActivClient for Windows 6.2

Best Practices Report

Choosing an SSO Solution Ten Smart Questions

Workflow Templates Library

Softerra Adaxes Enterprise Directory Solution

IT INFRASTRUCTURE MANAGEMENT SERVICE ADDING POWER TO YOUR NETWORKS

Active Directory Self-Service FAQ

Reporting works by connecting reporting tools directly to the database and retrieving stored information from the database.

Password Reset Server Installation Guide Windows 8 / 8.1 Windows Server 2012 / R2

Multi-Factor Authentication Protecting Applications and Critical Data against Unauthorized Access

CDW PARTNER REVIEW GUIDE SOFTWARE LICENSE MANAGEMENT

UNISYS. Server Management 2.0. Software Release Announcement. imagine it. done. Server Management 2.0 and Higher. May

ScoMIS Encryption Service

A Sensible Approach to Asset Management

The Modern Service Desk: How Advanced Integration, Process Automation, and ITIL Support Enable ITSM Solutions That Deliver Business Confidence

Sebastian County Information Systems Department New Hire Orientation Computer Use and Policy. Revised 3/6/2015

Table Of Contents. - Microsoft Windows - WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS XP PROFESSIONAL...10

How can Identity and Access Management help me to improve compliance and drive business performance?

Extending Identity and Access Management

Walton Centre. Document History Date Version Author Changes 01/10/ A Cobain L Wyatt 31/03/ L Wyatt Update to procedure

Remote Access: Internet Explorer

Windows Password Change Scenarios

Step by step guide for installing highly available System Centre 2012 Virtual Machine Manager Management server:

MBAM Self-Help Portals

AVG Business SSO Connecting to Active Directory

Vector HelpDesk - Administrator s Guide

NetIQ Advanced Authentication Framework - Client. User's Guide. Version 5.1.0

Published April Executive Summary

Implementing HIPAA Compliance with ScriptLogic

Step-by-Step Guide to Setup Instant Messaging (IM) Workspace Datasheet

Authentication: Password Madness

SERVICES BRONZE SILVER GOLD PLATINUM. On-Site emergency response time 3 Hours 3 Hours 1-2 Hours 1 Hour or Less

Propalms TSE Deployment Guide

Speeding Office 365 Implementation Using Identity-as-a-Service

Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009

Introduction. PCI DSS Overview

Citrix Password Manager 4.5 Partner and Sales FAQ

WatchGuard SSL 2.0 New Features

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

MIGRATING SHAREPOINT TO THE CLOUD

Moving beyond Virtualization as you make your Cloud journey. David Angradi

Transcription:

Best Practices Allowing business users to manage their own password changes can significantly reduce help desk calls. Most importantly, having a centralized password management process and solution in place helps enforce strong password policies by automating IT operations across the organization. Password Management With a Plan Today s organizations are a study in change: New employees and contractors come on board, some leave, others transfer, while responsibilities continuously shift within the organization. Throughout all this change, password policies continue to enforce password changes, prompting endless calls to an already overburdened help desk. For IT professionals, the challenges are efficiently meeting increasing service-level demands, while also enforcing policy and security, maintaining stringent access audit controls, and addressing access governance and risk compliance requirements. Luckily, self-service, automated password reset tools exist to unburden IT professionals, while at the same time ensuring bulletproof security. But it s not enough to simply purchase and install a password management solution and hope for the best. To achieve optimal results and measurable cost savings, the password management solution must be considered as part of an overall corporate strategic plan aimed at maximizing benefits across an entire enterprise. In this guide, we define the top critical items and best practices that help ensure maximum corporate buy-in and implementation success. And if you need additional guidance, we re here for you. Avatier experts are on hand to make sure you reach your password management strategic goals. Password Management 2

Best Practices Step 1: Understand your organization s needs. Before evaluating any password management solution, it is imperative to identify needs specific to your organization. To help focus your evaluation, organizational processes should first be documented and understood. Without the due diligence that leads to this understanding, the potential for loss of financial investment skyrockets, because you can end up with an expensive solution that delivers more than what you need. Setting goals is part of this pre-evaluation phase for improving security and efficiency, reducing costs, and achieving password management governance, risk and compliance. And once your goals are set, you must establish metrics and define a baseline to measure the impact of your solution. For instance, you can determine help desk call volume, resource productivity and enrollment goals. Then look at process costs such as the average baseline cost for a password reset and unlock accounts, which represent password management metrics with measurable goals. Step 2: Consider a solution with options for automated reporting, alerts and unenrollment. Automation is not only a big time-saver in organizations; it also eliminates any kind of human error that goes along with manual entries. When evaluating a password management system, consider a solution that automatically reports on configuration changes, account unlocks, enrollment, password resets and attempts, authorization failures, etc. Automatically generated alerts are also valuable, generating immediate notifications to a defined recipient list after an authorization failure, password change failure and configuration changes. Automatic unenrollment after someone leaves an organization ensures the ongoing integrity of your corporate systems. Password Management 3

Best Practices The key to success in deploying a password management solution is defining manageable, measurable steps that provide a strong foundation on which to build your initiative. Once you have a road map, you set a path to readily secure your organization with an efficient deployment and cost savings throughout the process. Step 3: Take into account your overall corporate infrastructure. Many organizations attempt to roll out a password management solution without consideration for their corporate infrastructure. This leads to significant problems down the line. Make sure to designate a separate or virtual machine to test upgrades and patches prior to a production deployment; otherwise, the potential for disruption to your systems could mean significant financial and productivity losses amounting to more than the cost of a test server. Depending on whether the environment is internal- or external-facing, high availability, fault tolerance and failover are a necessity for organizations that maintain 24x7 operations. Configuring your system to utilize a relational database system to store audit log information is also recommended to ensure high availability, scalability and performance. Step 4: Determine appropriate messaging. With any password management solution, notifications are sent informing users about a variety of actions. Take the time to make sure the wording in these communications is clear. Customize messages to get the most value and efficiency out of your password management solution. Include password expiration notices, password change alerts and administrator messages. You should also include a help desk number. Step 5: Provide proper secure identity questions. To ensure effective utilization of a self-service solution, offer identity challenge questions that require exact answers. Consider questions that prompt answers utilizing long-term memory questions, such as In what city did you meet your significant other? Also, when punctuation or abbreviation is a possibility, do not consider it for question selection, as it leaves too much room for arbitrary answers. Finally, avoid questions with answers that can change over time, such as What is your favorite restaurant? Always select questions that are easy to remember with one consistent response. Password Management 4

Best Practices Step 6: Align password policies. Organizations often try to make their password management solution adapt to numerous different password policies on their source systems. While a strong password management solution can do this, it often makes more sense to take a little time to evaluate your password policies on each system to see if they can be unified to a common policy. By setting strength and expiration policies to common values, a number of challenges can be resolved while simplifying you environment. Step 7: Increase scope. While increasing scope goes against most project management practices, synchronizing passwords across every system in your environment will dramatically improve operations. So rather than limiting it to try and address only a few key systems, leverage the power of your password management solution to synchronize passwords across all your systems. This makes it much easier for users, reduces help desk calls to your data center, and better prepares your organization for longer-term IAM initiatives to those other systems. Step 8: Develop an account mapping plan. In order to maximize the password synchronization benefits of a password management solution, you must know which user has what logon account on each IT system of your organization s systems. This also facilitates account management across multiple platforms. For example, you could incorporate of an account-mapping database of all users, their various accounts, and the target systems they access in the organization. Password Management 5

Best Practices Step 9: Define an exclusion list. Define an exclusion list. For compliance and operational reasons, certain users and user groups must be excluded from enrolling in and utilizing the functionality of a password management solution. Consider defining and documenting these individual users before deployment, which will enable a more efficient rollout during the configuration phase. Step : Select which client interfaces to deploy. To roll out a password manager, organizations must plan for each password management interface, and identify the pros and cons of deploying the following options: A Web interface is the easiest from an IT perspective, since a Web browser is included with almost all operating systems. The Web interface may require an Active/X control to reset locally cached credentials, but this control is only necessary in Microsoft environments that have enabled change password. This function typically is enabled only when password synchronization is also enabled to allow the Microsoft Windows password to be pushed to all target systems. Deployment of a customized graphical identification and authentication page that provides pre-network logon access to the password management solution requires installation of a Microsoft Installer (MSI) package on each workstation. Your organization must have a software distribution mechanism in place to ensure the installer package is delivered and successfully installed on the workstations. Additionally, users must be notified and trained to prepare for the new logon screen they will see on their desktops the next time they boot their computers. As part of rollout, your change management and training plan will promote adoption and reduce help desk calls. To successfully enable using a telephone to reset forgotten passwords and unlock an account, consider adding hardware requirements including the telephony interface board, the server it will run on as well as connectivity to the phone lines. Decisions must be made as to whether to use an analog or IP-based (SIP) phone line. Password Management 6

Best Practices Password Management Success The ultimate goal of a password management solution is to give your users timely access to the resources they need to do their jobs and stay productive, no matter how often or how quickly their roles and responsibilities change. At the same time, an effective password management solution will free your IT professionals to focus on other important organizational issues. But without first evaluating your needs and assessing your current environment, your solution might fall short of expectations. Indeed, the best results come when your project takes a focused step-by-step approach with your business goals in mind. Only then will you end with a password management solution with the potential to change the way you perform core processes to ultimately yield a more efficient, productive, secure and risk-free organization. Innovative Identity Management and Access Management Delivered Avatier is a leading provider of enterprise identity management solutions. Avatier Identity and Access Management Software Suite (AIMS) enables business line managers to take control of the identity management life cycle through a patented IT storefront for service catalog user provisioning, a universal mobile client for access certifications, and self-service password management. Avatier solutions maximize operational efficiency through IT automation and self-service operations. Password Management 7

Best Practices Notes 800-609-86 North America +44 (0) 207 877 1807 EMEA +61 (0) 2 9959 47 APAC Password Management 8

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information