Thursday, 11 June 2009

Password Management for dummies

Password resets are a mundane, time consuming task but one vital to any organization.

Most if not all the companies I visit want to make the users more self sufficient so they can reduce the burden on the helpdesk and free them up to do other things.

One of the biggest HD overheads (time and hence cost)? PW resets!

So what are your choices? As I see it it can be narrowed to the following:
  1. Continue spending loads of money on your own helpdesk
  2. Build and application yourself
  3. Buy a self service PW reset application from someone like Quest.
They all have their challenges:
  1. Costly!
  2. More costly!
  3. Confusing

Most people agree they want a COTS app as it's often the easiest from an implementation perspective, and you can give the vendors a hard time when something goes wrong so there's and element of 'insurance' included.

That said, if you Google 'password self service' or the like, you'll most probably get a 101 million hits and it's difficult to know where to start.

Keep it simple:
  1. Stating the obvious but it must offer good ROI and TCO.
  2. It should be a proven technology. Are you willing to be a security guinea pig? Probably not.
  3. Where are your users? In AD? If they are, you want a fully AD integrated solution. If they're not, go with whatever scales/is integrated best with your environment.
  4. It should be flexible to the extent that you can include as many applications within the PW reset as you deem necessary. Is one secure PW better than 10 insecure PW's? I don't know but it's definitly more convenient for the end user meaning the chances they wrote them down is less. And yes, PW sync is WAY easier than SSO no matter what anyone says so if you're looking to rationalize PW's & ID's, this is a great start!
  5. Future proof it. Don't buy proprietary!
Check out www.Quest.com/Password-Manager & www.Quest.com/InSync for more info on how Quest can help you with all the above and loads more.

No comments:

Post a Comment