Have you been asked any of the following questions?
How many systems do users logon to daily?
How many passwords must users remember?
What percent of your help desk calls are password related?
Are new hires quickly given the tools they need to be productive?
How much exposure is created when an employee leaves the organization?
Can you prove user credential compliance with governmental regulations?
These are the some of the questions that a secure
identity management solution must answer. Yet, the staggering proliferation of
directories and applications makes this task increasingly difficult.
Administrators struggle to manage digital identities across multiple platforms
with access controls buried in many different directories. To complicate matters
further, each directory may have its own definition of a user identity, in
essence creating multiple instances of the same user. This common scenario is
both inefficient and insecure.
Denmac tackles identity management issues with a methodology that
dramatically reduces IT expense while increasing security and productivity. Our
approach considers the entire ID lifecycle from the user’s perspective, while
layering corporate standards and policies for information security and
compliance. The benefits to you are as follows:
Improves user experience - fewer passwords for users to remember
Lowers IT costs - fewer help desk calls
Improves security - automated de-provisioning closes windows of potential attack
Improves efficiency - new users quickly access productivity resources
Improves agility - privileges realign quickly as roles, responsibilities and locations change
Enables compliance - log and audit reports document access to secure documents and applications
Denmac’s identity management solutions improve efficiency, security and user experience
while reducing IT cost in the following ways.
Provisioning
This is the process of introducing (or adding) a user throughout a company’s IT environment. Denmac works to understand your organization’s standards and policies, and then develops ways to automate the provisioning process. Provisioning in this way not only reduces administration time, but enables a standard assignment of rights and privileges, and adherence to corporate security standards (like password policies). The net result is improved security, standards compliance and reduced costs in the provisioning process.
De-Provisioning
Though many times overlooked, the importance of de-provisioning cannot be overemphasized. De-Provisioning automates and ensures that a user’s credentials are removed from the environment when their relationship with your organization is complete.
Directory Synchronization
Maintaining the numerous profiles associated with a typical user ID across the enterprise is a tedious, time-consuming and costly task. Add the complexity of different applications using different standards (e.g. joe.smith, jsmith, smit1928), and administrative costs go ever higher. From a user perspective, managing passwords across the array of enterprise applications is burdensome and can lead to security vulnerabilities (i.e., writing passwords on notepads, or picking easy passwords). Directory synchronization technologies provide the mechanism to automate routine additions, moves and changes—from both the administrative and end user perspective. Administrative changes, such as group membership, or end user changes, like password changes, can be propagated throughout the enterprise using directory synchronization technologies. Denmac has the experience to integrate directory synchronization technologies that will lower the administrative overhead associated with managing multiple credential stores, improve security through credential standards, and improve the user experience by easing the number of interfaces needed to maintain application passwords.
Password Management
One of the single largest help desk expenses is password management—specifically the process of resetting user passwords for different applications. One of the goals of enhanced password management is empowering end users with the ability to reset and manage their own passwords. A side benefit of enhanced password management is the strict adherence to password security standards and compliance. Denmac helps companies leverage self service password management technologies to lower help desk calls, while enabling their end user community to manage their credentials in a secure and standards-based environment.
Enterprise Single Sign On (ESSO)
For many Denmac clients, the average end user needs to login into 8 to 10 different applications on a daily basis. These logins each have their user ID and password standards and policies. Add in a password policy that requires password changes every 90 days and doesn’t allow the reuse of a prior password, and you have users that need to create and remember up to 40 different passwords a year. Multiply that by the total number of users in your organization, and you have a password management nightmare. The net result is that users either (a) pick easy passwords and use them for multiple applications, or (b) they write them down on a piece of paper. Either answer leads to security challenges. Enterprise Single Sign On technologies are designed to help your user community with this password management burden. Denmac works with companies to understand their application requirements and security standards, and then integrates the appropriate ESSO technologies to alleviate end user challenges associated with managing multiple passwords. The result is improved security and reduced help desk calls related to password management.
Auditing/Reporting/Monitoring
Whether due to compliance requirements or simply security best practices, enterprise identity management must be auditable and sustainable. Denmac leverages a number of tools to consolidate, monitor, analyze and report on enterprise-wide identity events – all focused on meeting our client’s compliance and information security requirements.
back to top