SlideShare a Scribd company logo

Building a Business Case for Hitachi ID Password Manager Purchase and Deployment

Hitachi ID Systems, Inc.
Hitachi ID Systems, Inc.

This document presents a sample business case for justifying purchase and deployment of Hitachi ID Password Manager. Hitachi ID Password Manager addresses password management challenges, such as forgotten passwords and users who write down their passwords, with password synchronization, self-service password reset and assisted password reset. Password management for thousands of users, across multiple systems, is a costly problem for most enterprises. Problems that arise from ineffective password management include: - Support cost and meeting support SLA. - Lost user productivity. - Network security vulnerabilities.

Technology
1 of 14
Download to read offline
Building a Business Case for Hitachi ID Password Manager Purchase and Deployment © 2014 Hitachi ID Systems, Inc. All rights reserved.
This document presents a sample business case for justifying purchase and deployment of Hitachi ID Password Manager. Hitachi ID Password Manager addresses password management challenges, such as forgotten passwords and users who write down their passwords, with password synchronization, self-service password reset and assisted password reset. Contents 1 Introduction 1 2 Executive Summary 2 2.1 Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 2.2 Cost savings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 3 Password Management Challenges 3 3.1 Complexity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3.2 User password problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3.3 Assisted service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 3.4 Meeting SLA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 3.5 Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 3.6 Security impact . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 4 User populations with special problems 7 4.1 Mobile users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 4.2 Passwords for vendors and partners . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 4.3 Language support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 4.4 Infrequently used systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 5 Cost impact 9 5.1 Support costs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 5.1.1 Direct cost savings with Hitachi ID Password Manager . . . . . . . . . . . . . . . . 9 5.2 Improved user productivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 5.3 Support statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 6 Additional technology applications 11 6.1 System migrations, mergers and acquisitions . . . . . . . . . . . . . . . . . . . . . . . . . . 11 i
Building a Business Case for Password Manager Purchase and Deployment 6.2 Managing authentication in e-business applications . . . . . . . . . . . . . . . . . . . . . . . 11 © 2014 Hitachi ID Systems, Inc. All rights reserved.
Building a Business Case for Hitachi ID Password Manager Purchase and Deployment 1 Introduction This document presents a sample business case for justifying purchase and deployment of Hitachi ID Password Manager. Hitachi ID Password Manager addresses password management challenges, such as forgotten passwords and users who write down their passwords, with password synchronization, self-service password reset and assisted password reset. Password management for thousands of users, across multiple systems, is a costly problem for most enter- prises. Problems that arise from ineffective password management include: • Support cost and meeting support SLA. • Lost user productivity. • Network security vulnerabilities. © 2014 Hitachi ID Systems, Inc.. All rights reserved. 1
Building a Business Case for Password Manager Purchase and Deployment 2 Executive Summary The following table shows the historical and projected trend of password resets handled by this company’s help desk: Password targets Year 2005 Year 2006 Year 2007 Year 2008 Projected Year 2009 Projected NT/Active Directory Win2k Novell Unix AS/400 OS/390 Oracle PeopleSoft Lotus Notes Custom apps Total resets Cost of resets 2.1 Benefits Hitachi ID Password Manager eliminates password complexity, to reduce support cost, recover user produc- tivity, and improve systems security. Combined with Password Manager’s rapid deployment, these benefits yield positive ROI in just a few months: • Eliminate password problems for users, from AAA problems/month to BBB problems/month. • Reduce password-related IT support call volume, from CCC calls/month to DDD calls/month. • Shorten password problem resolution at the IT help desk, from EEE minutes/call to FFF minutes/call. • Help the support organization meet SLAs. 2.2 Cost savings Together, these benefits will yield direct support cost savings of: • $GGG/month to the support organization. • Productivity worth $HHH/month recovered for the user population. © 2014 Hitachi ID Systems, Inc.. All rights reserved. 2
Building a Business Case for Password Manager Purchase and Deployment • Total projected annual savings are $SSS. Hitachi ID Password Manager is scalable, and can support employees, contractors, vendors, partners and customers. 3 Password Management Challenges 3.1 Complexity Problem: Managing multiple passwords is complex: • Users have too many passwords. • Different passwords expire on different schedules. • Each password is subject to different rules about what constitutes an acceptable password value. • Some systems force password expiration, and others don’t. The Hitachi ID Password Manager solution: Password Manager eliminates password complexity with a number of core technologies: • Password synchronization: Password Manager helps users to maintain a single password, changed on a single schedule, on all of their login IDs. Users no longer have to remember many different passwords, each with different rules and on a different schedule. • Consistent password policy: With Password Manager, a user is presented with a single set of password rules that works on ev- ery system. This is easy to understand, so users have an easier time picking an acceptable new password. • Early warning of password expiration: Password Manager notifies users early and often that their password is about to expire, and they should change it. Even mobile users get ample warning, and can keep their passwords from expiring. • One password update screen for every system: With Password Manager, users can update any or all of their passwords from one place. This elimi- nates cryptic password screens hidden away in each system and application. 3.2 User password problems Problem: Despite the above measures, some users will still have password problems. For example, someone who comes back from a holiday may have forgotten a password they set weeks earlier. © 2014 Hitachi ID Systems, Inc.. All rights reserved. 3
Building a Business Case for Password Manager Purchase and Deployment The Hitachi ID Password Manager solution: Password Manager helps users who continue to have problems to resolve their own problems quickly and simply, without calling the help desk. Access to self- service password reset is available from the login prompt, any web browser, or a telephone. Users may be authenticated by answering a sequence of personal questions, using a hardware token, or with a biometric voice print match. 3.3 Assisted service Problem: Some users will call the help desk despite all of the above measures. The Hitachi ID Password Manager solution: For these users, the best outcome is expedited service – resolve the problem in one minute, rather than 10 or 20. Password Manager lets support analysts sign in themselves, look up a caller’s profile, authenticate the caller, reset any or all of the caller’s passwords, and automatically generate a support ticket, all from a single, streamlined web user interface. This facility also eliminates the need for support analysts to have administrative access to target systems, and generates extensive audit logs. 3.4 Meeting SLA Problem: Password resets come in huge fluctuations – they happen most often in the first hour of the day, usually on the first business day of the week. Support organizations have to be staffed for this peak of activity, but the rest of the time activity is less, so the staff hired to handle peak are wasted. Password resets are due to login problems, which can happen any time, any where, in a large enter- prise. Supporting password problems on these terms means that a team of empowered analysts must be available, on-call, 24x7. This is costly, and can exacerbate the turnover of staff who have administrative credentials. Peak support call volumes due to password resets can overload a help desk, and impede the ability of the support organization to deal with other, more strategic problem types. The Hitachi ID Password Manager solution: Eliminating the peak password reset call volume, and password call volume generally, is key to meeting SLA, as this is the most prevalent call type in most help desks. 3.5 Integration Problem: An effective solution must support all systems on a network, not just some, and must integrate with existing IT infrastructure. The Hitachi ID Password Manager solution: Password Manager comes with built-in integrations for over 60 types of target systems (network operating systems, mainframes, directories, ERP applications, mail systems, other applications, ASPs, etc.), plus other kinds of IT infrastructure: © 2014 Hitachi ID Systems, Inc.. All rights reserved. 4
Building a Business Case for Password Manager Purchase and Deployment • Call tracking systems (automatically create, update, close tickets). • E-mail (for registration requests and activity notification). • Interactive voice response units (telephone access). • Tokens (manage SecurID, SafeWord devices). • H.R. databases (retrieve data for Q&A authentication). • Directories and meta directories (lookup and manage user profile data). • Portals (make Password Manager an integral part of any portal). • Network management systems (health monitoring, load balancing, etc.) 3.6 Security impact Problem: Users respond to password complexity in a number of ways, each of which has a security impact: • They pick trivial (easy to remember, easy to guess) passwords. • They avoid changing passwords. • They write down their passwords. When users forget their passwords, they call the help desk and ask for a password reset, which can also trigger security problems: • The user may not be authenticated by the support analyst, or the authentication process may be easy to defeat by an intruder (social engineering). • Too many front-line support analysts have the right to reset passwords. This proliferation of powerful credentials, in the hands of high-turnover staff, is dangerous. • Password resets may not be logged, so auditing is difficult. The Hitachi ID Password Manager solution: Password Manager eliminates many security problems that arise from ineffective password management: © 2014 Hitachi ID Systems, Inc.. All rights reserved. 5
Building a Business Case for Password Manager Purchase and Deployment Before With Password Manager Written passwords Synchronized passwords are easy to remember: no need for sticky notes! Unchanging passwords Enforce global password changes. Easy-to-guess passwords Enforce a global, strong password policy. Unreliable caller authentication before an assisted password reset Require strong authentication prior to any password reset. Too many support analysts have administrator credentials Eliminate direct analyst access to target systems. No password reset audit logs Extensive audit logs, plus auto-generated support tickets. © 2014 Hitachi ID Systems, Inc.. All rights reserved. 6
Building a Business Case for Password Manager Purchase and Deployment 4 User populations with special problems Hitachi ID Password Manager effectively addresses the following special problems: 4.1 Mobile users Problem: Mobile users are especially difficult to support: • They may not sign into the network operating system regularly, so may not get early warning of password expiration. As a result, these users are frequently locked out, and require service. • They may require password resets on their own local PC, or on dial-up servers. This is technically challenging, as password management systems are centralized on the network. The Hitachi ID Password Manager solution: Password Manager provides mechanisms to allow remote users to reset their own passwords, including telephone access via Interactive Voice Response technology, and remote user access. 4.2 Passwords for vendors and partners Problem: Vendors and partners work off-site, and have similar problems to mobile users. As well, vendors and partners may access corporate systems infrequently, and forget their own passwords regularly. Some users who work for vendors and partners may make a password reset call every time they try to sign into the corporate systems. The Hitachi ID Password Manager solution: Password Manager makes it easy for vendors and partners to securely manage their own passwords. 4.3 Language support Problem: Global organizations must provide user support in multiple languages. Routine password man- agement and password resets must both be available in multiple languages – on the same server, for the same set of users and target systems, at the same time. The Hitachi ID Password Manager solution: Password Manager’s fully customizable interface is already available in multiple languages (English, Spanish, French, Dutch, and Japanese), and new languages are added on request. 4.4 Infrequently used systems Problem: When users sign into a system infrequently, they tend to forget the login process and password in the interval between logins. For example, a user who signs into a time tracking system just once a month may regularly forget that password, and so make regular password reset support calls. © 2014 Hitachi ID Systems, Inc.. All rights reserved. 7
Building a Business Case for Password Manager Purchase and Deployment The Hitachi ID Password Manager solution: Password Manager synchronizes passwords, giving users just one password to remember, and eliminating the problem. © 2014 Hitachi ID Systems, Inc.. All rights reserved. 8
Building a Business Case for Password Manager Purchase and Deployment 5 Cost impact 5.1 Support costs Most IT help desks report that: • 20% to 40% of total call volume is due to password resets. • These calls cost $25 to $35 to resolve. This can amount to a significant IT expense. 5.1.1 Direct cost savings with Password Manager Direct cost savings accrue from reduced workload, and reduced or reassigned head count, at the IT help desk. Support workload is reduced as follows: • Hitachi ID Password Manager addresses password complexity, and can significantly reduce the total number of password problems that users experience. Successful deployments can eliminate 80% or more of password problems. • Self-service directs some of the remaining password problems away from the help desk. Typically 60% or more of remaining password problems never reach the help desk. • The cost of remaining password reset calls is reduced, through a more streamlined call resolution process. Password calls are typically resolved by the help desk in about 1 minute with Password Manager. • Password Manager can eliminate the need to staff password support analysts on a 24x7 basis. • Password Manager significantly reduces the peak volume of password resets, especially in the morn- ing after weekends and holidays. This eliminates the need to staff the help desk for peak load, and underutilize that capacity at other times. Together, these benefits can reduce 90% or more of password-related IT support cost. 5.2 Improved user productivity Users typically spend twice as long with a password problem as the help desk. They try to sign in, fail to, try again, call the help desk, wait for service, identify themselves, authenticate, receive the service, perhaps wait for password propagation, and try to sign in again. The cost of user productivity, though not appearing on any single budget line item, amounts to about double the direct support cost. Hitachi ID Password Manager can recover this lost productivity, by eliminating problems before they start, by providing a self-service interface, and by make assisted resets more efficient. © 2014 Hitachi ID Systems, Inc.. All rights reserved. 9
Building a Business Case for Hitachi ID Password Manager Purchase and Deployment 5.3 Support statistics The following table shows the historical and projected trend of password resets handled by this company’s help desk: Password targets Year 2006 Year 2007 Year 2008 Projected Year 2009 Projected Year 2010 Projected NT/Active Directory Win2k Novell Unix AS/400 OS/390 Oracle PeopleSoft Lotus Notes Custom apps Total resets Cost of resets © 2014 Hitachi ID Systems, Inc.. All rights reserved. 10
Building a Business Case for Hitachi ID Password Manager Purchase and Deployment 6 Additional technology applications 6.1 System migrations, mergers and acquisitions Hitachi ID Password Manager can assist in system migrations, or in mass movements of users between systems, as happens during mergers and acquisitions. Password Manager maintains a list of users on each system, and this data can be used to create batches of users on a new system. Password Manager password synchronization is an effective way to initialize passwords for new accounts given to existing users. Simply create a batch of new user IDs, each with a random password. Setup the new system as a password synchronization target system, and ask users (by e-mail) to change their password either on the Password Manager web user interface, or a password synchronization trigger system. This will cause the user’s selected new password to be applied to all of their accounts, including the new one. This process eliminates the need to give users default password values, or to e-mail initial passwords. It has been successfully used by Hitachi ID customers to activate thousands of users on new systems in a single, secure step. 6.2 Managing authentication in e-business applications Hitachi ID Password Manager is a hardened, Internet-ready application. It is suitable for deployment on a corporate Extranet, to support password management for outside, users, such as customers, partners or vendors. Password Manager is easy to integrate with other Extranet systems, such as subscription systems, CRM, etc. www.Hitachi-ID.com 500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@Hitachi-ID.com File: /pub/wp/documents/business-case/psynch/pwm-business-case-5.tex Date: 2009-03-09

Recommended

Cloud Computing For IAM Providers
Cloud Computing For IAM ProvidersCloud Computing For IAM Providers
Cloud Computing For IAM Providersguest4b81cf
 
Beyond Roles: A Practical Approach to Enterprise User Provisioning
Beyond Roles: A Practical Approach to Enterprise User ProvisioningBeyond Roles: A Practical Approach to Enterprise User Provisioning
Beyond Roles: A Practical Approach to Enterprise User ProvisioningHitachi ID Systems, Inc.
 
Integrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO SystemsIntegrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO SystemsHitachi ID Systems, Inc.
 
Single Logout
Single LogoutSingle Logout
Single LogoutAndreas Åkre Solberg
 
Hitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Systems, Inc.
 
Hitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Systems, Inc.
 
Hitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Systems, Inc.
 
Maximizing Value
Maximizing ValueMaximizing Value
Maximizing ValueHitachi ID Systems, Inc.
 

Recommended

Cloud Computing For IAM Providers
Cloud Computing For IAM ProvidersCloud Computing For IAM Providers
Cloud Computing For IAM Providersguest4b81cf
 
Beyond Roles: A Practical Approach to Enterprise User Provisioning
Beyond Roles: A Practical Approach to Enterprise User ProvisioningBeyond Roles: A Practical Approach to Enterprise User Provisioning
Beyond Roles: A Practical Approach to Enterprise User ProvisioningHitachi ID Systems, Inc.
 
Integrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO SystemsIntegrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO SystemsHitachi ID Systems, Inc.
 
Single Logout
Single LogoutSingle Logout
Single LogoutAndreas Åkre Solberg
 
Hitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Systems, Inc.
 
Hitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Systems, Inc.
 
Hitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Systems, Inc.
 
Maximizing Value
Maximizing ValueMaximizing Value
Maximizing ValueHitachi ID Systems, Inc.
 
Authentication Management
Authentication ManagementAuthentication Management
Authentication ManagementHitachi ID Systems, Inc.
 
Introduction to Identity Management
Introduction to Identity ManagementIntroduction to Identity Management
Introduction to Identity ManagementHitachi ID Systems, Inc.
 
Hitachi ID Access Certifier
Hitachi ID Access CertifierHitachi ID Access Certifier
Hitachi ID Access CertifierHitachi ID Systems, Inc.
 
Hitachi ID Group Manager
Hitachi ID Group ManagerHitachi ID Group Manager
Hitachi ID Group ManagerHitachi ID Systems, Inc.
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Systems, Inc.
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Systems, Inc.
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Systems, Inc.
 
Hitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Systems, Inc.
 
Identity and Access Lifecycle Automation
Identity and Access Lifecycle AutomationIdentity and Access Lifecycle Automation
Identity and Access Lifecycle AutomationHitachi ID Systems, Inc.
 
Building an Identity Management Business Case
Building an Identity Management Business CaseBuilding an Identity Management Business Case
Building an Identity Management Business CaseHitachi ID Systems, Inc.
 
Privileged Access Management
Privileged Access ManagementPrivileged Access Management
Privileged Access ManagementHitachi ID Systems, Inc.
 
Hitachi ID Access Certifier
Hitachi ID Access CertifierHitachi ID Access Certifier
Hitachi ID Access CertifierHitachi ID Systems, Inc.
 
How Well is Your Organization Protecting its Real Crown Jewels - Identities?
How Well is Your Organization Protecting its Real Crown Jewels - Identities?How Well is Your Organization Protecting its Real Crown Jewels - Identities?
How Well is Your Organization Protecting its Real Crown Jewels - Identities?Hitachi ID Systems, Inc.
 
Hitachi ID Privileged Access Manager
Hitachi ID Privileged Access ManagerHitachi ID Privileged Access Manager
Hitachi ID Privileged Access ManagerHitachi ID Systems, Inc.
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Systems, Inc.
 
Hitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Systems, Inc.
 
Hitachi ID Management Suite
Hitachi ID Management SuiteHitachi ID Management Suite
Hitachi ID Management SuiteHitachi ID Systems, Inc.
 
Hitachi ID Identity Express™ - Corporate Edition
Hitachi ID Identity Express™ - Corporate EditionHitachi ID Identity Express™ - Corporate Edition
Hitachi ID Identity Express™ - Corporate EditionHitachi ID Systems, Inc.
 
Hitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Systems, Inc.
 
Hitachi ID Group Manager
Hitachi ID Group ManagerHitachi ID Group Manager
Hitachi ID Group ManagerHitachi ID Systems, Inc.
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Nikki Chapple
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 

More Related Content

More from Hitachi ID Systems, Inc.

Hitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Systems, Inc.
 
Building an Identity Management Business Case
Building an Identity Management Business CaseBuilding an Identity Management Business Case
Building an Identity Management Business CaseHitachi ID Systems, Inc.
 
How Well is Your Organization Protecting its Real Crown Jewels - Identities?
How Well is Your Organization Protecting its Real Crown Jewels - Identities?How Well is Your Organization Protecting its Real Crown Jewels - Identities?
How Well is Your Organization Protecting its Real Crown Jewels - Identities?Hitachi ID Systems, Inc.
 
Hitachi ID Identity Express™ - Corporate Edition
Hitachi ID Identity Express™ - Corporate EditionHitachi ID Identity Express™ - Corporate Edition
Hitachi ID Identity Express™ - Corporate EditionHitachi ID Systems, Inc.
 
Hitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Systems, Inc.
 

More from Hitachi ID Systems, Inc. (20)

Authentication Management
Authentication ManagementAuthentication Management
Authentication Management
 
Introduction to Identity Management
Introduction to Identity ManagementIntroduction to Identity Management
Introduction to Identity Management
 
Hitachi ID Access Certifier
Hitachi ID Access CertifierHitachi ID Access Certifier
Hitachi ID Access Certifier
 
Hitachi ID Group Manager
Hitachi ID Group ManagerHitachi ID Group Manager
Hitachi ID Group Manager
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity Manager
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity Manager
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity Manager
 
Hitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management Suite
 
Identity and Access Lifecycle Automation
Identity and Access Lifecycle AutomationIdentity and Access Lifecycle Automation
Identity and Access Lifecycle Automation
 
Building an Identity Management Business Case
Building an Identity Management Business CaseBuilding an Identity Management Business Case
Building an Identity Management Business Case
 
Privileged Access Management
Privileged Access ManagementPrivileged Access Management
Privileged Access Management
 
Hitachi ID Access Certifier
Hitachi ID Access CertifierHitachi ID Access Certifier
Hitachi ID Access Certifier
 
How Well is Your Organization Protecting its Real Crown Jewels - Identities?
How Well is Your Organization Protecting its Real Crown Jewels - Identities?How Well is Your Organization Protecting its Real Crown Jewels - Identities?
How Well is Your Organization Protecting its Real Crown Jewels - Identities?
 
Hitachi ID Privileged Access Manager
Hitachi ID Privileged Access ManagerHitachi ID Privileged Access Manager
Hitachi ID Privileged Access Manager
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity Manager
 
Hitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Password Manager
Hitachi ID Password Manager
 
Hitachi ID Management Suite
Hitachi ID Management SuiteHitachi ID Management Suite
Hitachi ID Management Suite
 
Hitachi ID Identity Express™ - Corporate Edition
Hitachi ID Identity Express™ - Corporate EditionHitachi ID Identity Express™ - Corporate Edition
Hitachi ID Identity Express™ - Corporate Edition
 
Hitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and Technology
 
Hitachi ID Group Manager
Hitachi ID Group ManagerHitachi ID Group Manager
Hitachi ID Group Manager
 

Recently uploaded

Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Nikki Chapple
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxAna-Maria Mihalceanu
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialJoão Esperancinha
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...itnewsafrica
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 

Recently uploaded (20)

Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance Toolbox
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorial
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 

Building a Business Case for Hitachi ID Password Manager Purchase and Deployment

  • 1. Building a Business Case for Hitachi ID Password Manager Purchase and Deployment © 2014 Hitachi ID Systems, Inc. All rights reserved.
  • 2. This document presents a sample business case for justifying purchase and deployment of Hitachi ID Password Manager. Hitachi ID Password Manager addresses password management challenges, such as forgotten passwords and users who write down their passwords, with password synchronization, self-service password reset and assisted password reset. Contents 1 Introduction 1 2 Executive Summary 2 2.1 Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 2.2 Cost savings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 3 Password Management Challenges 3 3.1 Complexity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3.2 User password problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3.3 Assisted service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 3.4 Meeting SLA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 3.5 Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 3.6 Security impact . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 4 User populations with special problems 7 4.1 Mobile users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 4.2 Passwords for vendors and partners . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 4.3 Language support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 4.4 Infrequently used systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 5 Cost impact 9 5.1 Support costs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 5.1.1 Direct cost savings with Hitachi ID Password Manager . . . . . . . . . . . . . . . . 9 5.2 Improved user productivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 5.3 Support statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 6 Additional technology applications 11 6.1 System migrations, mergers and acquisitions . . . . . . . . . . . . . . . . . . . . . . . . . . 11 i
  • 3. Building a Business Case for Password Manager Purchase and Deployment 6.2 Managing authentication in e-business applications . . . . . . . . . . . . . . . . . . . . . . . 11 © 2014 Hitachi ID Systems, Inc. All rights reserved.
  • 4. Building a Business Case for Hitachi ID Password Manager Purchase and Deployment 1 Introduction This document presents a sample business case for justifying purchase and deployment of Hitachi ID Password Manager. Hitachi ID Password Manager addresses password management challenges, such as forgotten passwords and users who write down their passwords, with password synchronization, self-service password reset and assisted password reset. Password management for thousands of users, across multiple systems, is a costly problem for most enter- prises. Problems that arise from ineffective password management include: • Support cost and meeting support SLA. • Lost user productivity. • Network security vulnerabilities. © 2014 Hitachi ID Systems, Inc.. All rights reserved. 1
  • 5. Building a Business Case for Password Manager Purchase and Deployment 2 Executive Summary The following table shows the historical and projected trend of password resets handled by this company’s help desk: Password targets Year 2005 Year 2006 Year 2007 Year 2008 Projected Year 2009 Projected NT/Active Directory Win2k Novell Unix AS/400 OS/390 Oracle PeopleSoft Lotus Notes Custom apps Total resets Cost of resets 2.1 Benefits Hitachi ID Password Manager eliminates password complexity, to reduce support cost, recover user produc- tivity, and improve systems security. Combined with Password Manager’s rapid deployment, these benefits yield positive ROI in just a few months: • Eliminate password problems for users, from AAA problems/month to BBB problems/month. • Reduce password-related IT support call volume, from CCC calls/month to DDD calls/month. • Shorten password problem resolution at the IT help desk, from EEE minutes/call to FFF minutes/call. • Help the support organization meet SLAs. 2.2 Cost savings Together, these benefits will yield direct support cost savings of: • $GGG/month to the support organization. • Productivity worth $HHH/month recovered for the user population. © 2014 Hitachi ID Systems, Inc.. All rights reserved. 2
  • 6. Building a Business Case for Password Manager Purchase and Deployment • Total projected annual savings are $SSS. Hitachi ID Password Manager is scalable, and can support employees, contractors, vendors, partners and customers. 3 Password Management Challenges 3.1 Complexity Problem: Managing multiple passwords is complex: • Users have too many passwords. • Different passwords expire on different schedules. • Each password is subject to different rules about what constitutes an acceptable password value. • Some systems force password expiration, and others don’t. The Hitachi ID Password Manager solution: Password Manager eliminates password complexity with a number of core technologies: • Password synchronization: Password Manager helps users to maintain a single password, changed on a single schedule, on all of their login IDs. Users no longer have to remember many different passwords, each with different rules and on a different schedule. • Consistent password policy: With Password Manager, a user is presented with a single set of password rules that works on ev- ery system. This is easy to understand, so users have an easier time picking an acceptable new password. • Early warning of password expiration: Password Manager notifies users early and often that their password is about to expire, and they should change it. Even mobile users get ample warning, and can keep their passwords from expiring. • One password update screen for every system: With Password Manager, users can update any or all of their passwords from one place. This elimi- nates cryptic password screens hidden away in each system and application. 3.2 User password problems Problem: Despite the above measures, some users will still have password problems. For example, someone who comes back from a holiday may have forgotten a password they set weeks earlier. © 2014 Hitachi ID Systems, Inc.. All rights reserved. 3
  • 7. Building a Business Case for Password Manager Purchase and Deployment The Hitachi ID Password Manager solution: Password Manager helps users who continue to have problems to resolve their own problems quickly and simply, without calling the help desk. Access to self- service password reset is available from the login prompt, any web browser, or a telephone. Users may be authenticated by answering a sequence of personal questions, using a hardware token, or with a biometric voice print match. 3.3 Assisted service Problem: Some users will call the help desk despite all of the above measures. The Hitachi ID Password Manager solution: For these users, the best outcome is expedited service – resolve the problem in one minute, rather than 10 or 20. Password Manager lets support analysts sign in themselves, look up a caller’s profile, authenticate the caller, reset any or all of the caller’s passwords, and automatically generate a support ticket, all from a single, streamlined web user interface. This facility also eliminates the need for support analysts to have administrative access to target systems, and generates extensive audit logs. 3.4 Meeting SLA Problem: Password resets come in huge fluctuations – they happen most often in the first hour of the day, usually on the first business day of the week. Support organizations have to be staffed for this peak of activity, but the rest of the time activity is less, so the staff hired to handle peak are wasted. Password resets are due to login problems, which can happen any time, any where, in a large enter- prise. Supporting password problems on these terms means that a team of empowered analysts must be available, on-call, 24x7. This is costly, and can exacerbate the turnover of staff who have administrative credentials. Peak support call volumes due to password resets can overload a help desk, and impede the ability of the support organization to deal with other, more strategic problem types. The Hitachi ID Password Manager solution: Eliminating the peak password reset call volume, and password call volume generally, is key to meeting SLA, as this is the most prevalent call type in most help desks. 3.5 Integration Problem: An effective solution must support all systems on a network, not just some, and must integrate with existing IT infrastructure. The Hitachi ID Password Manager solution: Password Manager comes with built-in integrations for over 60 types of target systems (network operating systems, mainframes, directories, ERP applications, mail systems, other applications, ASPs, etc.), plus other kinds of IT infrastructure: © 2014 Hitachi ID Systems, Inc.. All rights reserved. 4
  • 8. Building a Business Case for Password Manager Purchase and Deployment • Call tracking systems (automatically create, update, close tickets). • E-mail (for registration requests and activity notification). • Interactive voice response units (telephone access). • Tokens (manage SecurID, SafeWord devices). • H.R. databases (retrieve data for Q&A authentication). • Directories and meta directories (lookup and manage user profile data). • Portals (make Password Manager an integral part of any portal). • Network management systems (health monitoring, load balancing, etc.) 3.6 Security impact Problem: Users respond to password complexity in a number of ways, each of which has a security impact: • They pick trivial (easy to remember, easy to guess) passwords. • They avoid changing passwords. • They write down their passwords. When users forget their passwords, they call the help desk and ask for a password reset, which can also trigger security problems: • The user may not be authenticated by the support analyst, or the authentication process may be easy to defeat by an intruder (social engineering). • Too many front-line support analysts have the right to reset passwords. This proliferation of powerful credentials, in the hands of high-turnover staff, is dangerous. • Password resets may not be logged, so auditing is difficult. The Hitachi ID Password Manager solution: Password Manager eliminates many security problems that arise from ineffective password management: © 2014 Hitachi ID Systems, Inc.. All rights reserved. 5
  • 9. Building a Business Case for Password Manager Purchase and Deployment Before With Password Manager Written passwords Synchronized passwords are easy to remember: no need for sticky notes! Unchanging passwords Enforce global password changes. Easy-to-guess passwords Enforce a global, strong password policy. Unreliable caller authentication before an assisted password reset Require strong authentication prior to any password reset. Too many support analysts have administrator credentials Eliminate direct analyst access to target systems. No password reset audit logs Extensive audit logs, plus auto-generated support tickets. © 2014 Hitachi ID Systems, Inc.. All rights reserved. 6
  • 10. Building a Business Case for Password Manager Purchase and Deployment 4 User populations with special problems Hitachi ID Password Manager effectively addresses the following special problems: 4.1 Mobile users Problem: Mobile users are especially difficult to support: • They may not sign into the network operating system regularly, so may not get early warning of password expiration. As a result, these users are frequently locked out, and require service. • They may require password resets on their own local PC, or on dial-up servers. This is technically challenging, as password management systems are centralized on the network. The Hitachi ID Password Manager solution: Password Manager provides mechanisms to allow remote users to reset their own passwords, including telephone access via Interactive Voice Response technology, and remote user access. 4.2 Passwords for vendors and partners Problem: Vendors and partners work off-site, and have similar problems to mobile users. As well, vendors and partners may access corporate systems infrequently, and forget their own passwords regularly. Some users who work for vendors and partners may make a password reset call every time they try to sign into the corporate systems. The Hitachi ID Password Manager solution: Password Manager makes it easy for vendors and partners to securely manage their own passwords. 4.3 Language support Problem: Global organizations must provide user support in multiple languages. Routine password man- agement and password resets must both be available in multiple languages – on the same server, for the same set of users and target systems, at the same time. The Hitachi ID Password Manager solution: Password Manager’s fully customizable interface is already available in multiple languages (English, Spanish, French, Dutch, and Japanese), and new languages are added on request. 4.4 Infrequently used systems Problem: When users sign into a system infrequently, they tend to forget the login process and password in the interval between logins. For example, a user who signs into a time tracking system just once a month may regularly forget that password, and so make regular password reset support calls. © 2014 Hitachi ID Systems, Inc.. All rights reserved. 7
  • 11. Building a Business Case for Password Manager Purchase and Deployment The Hitachi ID Password Manager solution: Password Manager synchronizes passwords, giving users just one password to remember, and eliminating the problem. © 2014 Hitachi ID Systems, Inc.. All rights reserved. 8
  • 12. Building a Business Case for Password Manager Purchase and Deployment 5 Cost impact 5.1 Support costs Most IT help desks report that: • 20% to 40% of total call volume is due to password resets. • These calls cost $25 to $35 to resolve. This can amount to a significant IT expense. 5.1.1 Direct cost savings with Password Manager Direct cost savings accrue from reduced workload, and reduced or reassigned head count, at the IT help desk. Support workload is reduced as follows: • Hitachi ID Password Manager addresses password complexity, and can significantly reduce the total number of password problems that users experience. Successful deployments can eliminate 80% or more of password problems. • Self-service directs some of the remaining password problems away from the help desk. Typically 60% or more of remaining password problems never reach the help desk. • The cost of remaining password reset calls is reduced, through a more streamlined call resolution process. Password calls are typically resolved by the help desk in about 1 minute with Password Manager. • Password Manager can eliminate the need to staff password support analysts on a 24x7 basis. • Password Manager significantly reduces the peak volume of password resets, especially in the morn- ing after weekends and holidays. This eliminates the need to staff the help desk for peak load, and underutilize that capacity at other times. Together, these benefits can reduce 90% or more of password-related IT support cost. 5.2 Improved user productivity Users typically spend twice as long with a password problem as the help desk. They try to sign in, fail to, try again, call the help desk, wait for service, identify themselves, authenticate, receive the service, perhaps wait for password propagation, and try to sign in again. The cost of user productivity, though not appearing on any single budget line item, amounts to about double the direct support cost. Hitachi ID Password Manager can recover this lost productivity, by eliminating problems before they start, by providing a self-service interface, and by make assisted resets more efficient. © 2014 Hitachi ID Systems, Inc.. All rights reserved. 9
  • 13. Building a Business Case for Hitachi ID Password Manager Purchase and Deployment 5.3 Support statistics The following table shows the historical and projected trend of password resets handled by this company’s help desk: Password targets Year 2006 Year 2007 Year 2008 Projected Year 2009 Projected Year 2010 Projected NT/Active Directory Win2k Novell Unix AS/400 OS/390 Oracle PeopleSoft Lotus Notes Custom apps Total resets Cost of resets © 2014 Hitachi ID Systems, Inc.. All rights reserved. 10
  • 14. Building a Business Case for Hitachi ID Password Manager Purchase and Deployment 6 Additional technology applications 6.1 System migrations, mergers and acquisitions Hitachi ID Password Manager can assist in system migrations, or in mass movements of users between systems, as happens during mergers and acquisitions. Password Manager maintains a list of users on each system, and this data can be used to create batches of users on a new system. Password Manager password synchronization is an effective way to initialize passwords for new accounts given to existing users. Simply create a batch of new user IDs, each with a random password. Setup the new system as a password synchronization target system, and ask users (by e-mail) to change their password either on the Password Manager web user interface, or a password synchronization trigger system. This will cause the user’s selected new password to be applied to all of their accounts, including the new one. This process eliminates the need to give users default password values, or to e-mail initial passwords. It has been successfully used by Hitachi ID customers to activate thousands of users on new systems in a single, secure step. 6.2 Managing authentication in e-business applications Hitachi ID Password Manager is a hardened, Internet-ready application. It is suitable for deployment on a corporate Extranet, to support password management for outside, users, such as customers, partners or vendors. Password Manager is easy to integrate with other Extranet systems, such as subscription systems, CRM, etc. www.Hitachi-ID.com 500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@Hitachi-ID.com File: /pub/wp/documents/business-case/psynch/pwm-business-case-5.tex Date: 2009-03-09