Password Reset by 3AZfFUiE

VIEWS: 19 PAGES: 13

									    Password Reset



 SpeechTek West 2007

Automating Password Reset to Make
     Employees More Efficient

             Jason Groshart
     Director of Product Engineering
                     Agenda
• What is the Password Reset problem?
• How does Gold Systems Password Reset work?
• How does it improve efficiency?
 Is Password Reset Really a Problem?

Enterprise Management Associates

•    Average large enterprises spend $250 per worker, per year, on
     password management and associated Help Desk overhead.*
•    In a 5,000-person organization (assuming 3,000 technology users),
     the annual cost for password management equals $750,000!*

Gartner Group

•    15-35% of all calls to the Help Desk are password related.**
•    "We calculate cost per call at $14 to $28, based on seven minutes per
     call, the cost of the individual and the cost of facilities”**
•    A 10,000-employee company that has 2,500 calls per month at $20
     per call - costs them $50,000/mo. or $600,000/ yr.**
* Source - Enterprise Management Associates
** Source - Gartner Group
    Password Reset Challenges
•   Security, security, security
     –   Threat Modeling (What are the potential threats)
     –   Encryption on disk, in memory, and over the wire
     –   Support for HIPAA and Sarbanes-Oxley
     –   Independent security review – Applied Trust whitepaper
     –   Biometrics – Voiceprint (speaker verification)
•   Usability
     –   Voice User Interface Design – a science and an art
     –   Web Enrollment – easy to use and secure
     –   Web Administration – flexible and secure
     –   Reporting and Notification
•   Directory Services Integration
     –   Microsoft Active Directory
     –   Novell eDirectory
     –   Others
•   Microsoft Speech Server
     –   Enterprise Edition
     –   Standard Edition
     –   Development Environment
  Applied Trust Certification



• As an independent expert, Applied Trust
  hereby certifies1 that on this day, July 27,
  2005, the Gold Systems’ Password Reset
  product version 1.0b2 is free from any
  significant known security vulnerabilities and
  that the product is in compliance with current
  industry best practices for application
  development and fortification, including
  encryption and handling of credentials and
  personally identifiable information.
Gold Systems Password Reset




            Listen to the Solution
                      Web Enrollment
•   Login
     – Windows login
     – Domain identification
•   Short Answer Questions
     – Example:
            • What is the name of the grade
              school you attended?
•   Number Questions
     – Example:
            • What is a number you will
              remember?
•   Date Questions
     – Example:
            • What is an important date you
              will remember?
•   Successful Enrollment
     – Can use the system within 24
       hours
     – Configurable number and type of
       questions
          Web Administration
• Directory Service
   – Primary & secondary servers
   – Multiple domains/trees
   – Password Constraints
       • Length
       • Include special characters,
         numbers, and upper case letters
• Deployment
   – Email parameters
       • Administrator email
       • Email server information
   – Enrollment parameters
       • Number and type of questions
   – Voice application parameters
       • Number of Authentication
         questions
       • Lockout failures
       • Force password change
       • Password expiration
       • Transfer parameters
                        Reporting
• Enrollment Percentage
   – Eligible employees
   – Enrolled employees
• Threat Level
   – Overall threat index
• Password Reset Activity
   – Number of failed and successful
     resets
   – Dropdown reports by day, hour
   – Individual reset data
• Enrollment Activity
   – Number of failed and successful
     enrollments
   – Dropdown reports by day, hour
   – Individual enrollment data
           Localized Applications
•   Voice Applications
     –   US English
     –   North American Spanish
     –   Canadian French
•   Web Applications
     –   US English     -   Dutch
     –   Spanish        -   Brazilian Portuguese
     –   French         -   Korean
     –   Italian        -   Japanese
     –   German         -   Simplified Chinese
          Password Reset Demo
•   Identification
     – Uses Windows login
     – Speak the characters including special
       characters and numerals
     – Domain disambiguation                                   •   Call 866.212.4254

•   Confirmation                                               •   Say “Password Reset”
     – Verify the caller’s id
                                                               •   Follow prompts
•   Authentication
     – Speaker Verification (if applicable)
          • Based on Persay technology
     – Authentication Questions
          • Random questions based on enrollment
          • Does not indicate incorrect answer until failure
          • Configurable question parameters
•   Password Reset
     – Configurable password constraints
     – Temporary password (5 minutes to 2 weeks)
          Case Study – Schindler Elevator

•    Schindler Elevator, the North American operating entity of the Swiss-based
     Schindler Group, the world’s largest escalator manufacturer and the second
     largest elevator manufacturer employs over 6,500 people in more than 250
     locations throughout North America.
•    Schindler Elevator Corp. was seeing a 500 percent growth in the number of call
     center calls with 25 percent specifically related to password reset issues.
•    On average, each employee needed password reset twice per year
•    With the typical call, the process took 15 minutes to complete or nearly 3,000
     man-hours each year
•    Password reset access jumped 54 percent
•    Call volume decreased 25 percent
•    ROI within 4 months

“We expect an ROI under four months. There are also administration savings and productivity gains that
    are hard to measure, but just as real.”

Kevin Riley
Manager, End User Computing
Schindler Elevator Corp.

*   Source – Microsoft Corporation
                               Thank You
                          Jason Groshart
                          Director of Product Engineering
                          jgroshart@goldsys.com
                          800.988.7798 and say “Jason Groshart”


Since 1991, Gold Systems has built solutions for 500+ leading enterprises…

								
To top