To thwart attackers and minimize the risk of a data breach most organisations impose strong password policies on their users. The owners of enterprise passwords are the employees. The issue is often not whether a strong password policy exists but on managing how those employees implement that policy.
Users now having an impossible combination of password rules to remember to access their various business and personal services. Consequently, they are devising their own coping mechanisms to manage that ‘password overload’.
Users write down passwords, re-use the same password across different systems, create variances or use simple and predictable password strategies. As a consequence the employee “perimeter” is now defined by the sum of their business and personal contacts, where passwords are utilized.
Attackers use a variety of social engineering techniques and powerful, automated tools to discover passwords and take advantage of this human behaviour.
Reports now show that organisations today view co-workers not hackers as the greatest threat to security. and employee password practices as the greatest interior threat to an organisation.
The requirement is to find a user friendly way of enforcing the organisations password policies whilst at the same time negating their coping mechanisms.
We provide a integrated set of rules based tools and accompanying consultancy services that block the techniques used by attackers. The benefits include
- Strengthening password policy beyond AD
- Interface to 3rd party data bases of banned or compromised passwords and dictionaries
- Rules based filters to block re-use, password variants etc.
- Interceptor technology to capture and apply policies to any changes made outside self service.
- Visual indicators for ease of use.
- Real time reporting and monitoring.
Education User Cases user case
Large institutions with staff and student numbers exceeding 14,000 people, who need to be able to manage any password resets, whilst on multiple campuses or remotely, using multiple applications.
Solution FastPass can be used to integrate with various IT Service Management tools, to help support systems that may already be in place. Crucially it allows users to self-serve and reset their own passwords without the need to visit or contact an IT facility or helpdesk.
Retail User Cases user case
Shop floor employees, within the retail operations are often transient and in many cases have shared logins (tills etc).
We deliver retail specific solutions that include code cards to enable the sharing of passwords amongst shop floor workers. We also provide interceptor technology to capture all changes made outside of our self-service solution e.g. via control, alt, delete and apply co-operate password policies to those changes.
Government User Cases user case
Employee password practices are the greatest material threat to an organisation. The ability to strengthen password policies beyond Active Directory and manage the employee's implementation of these polices is key to preventing data breaches.
Therefore there is a growing need to be able to securely reset or unlock passwords remotely. We have been able to support this flexible working practice by using the Synchronization functionality to enable their own devices in the work place.
Managed Service Providers (MSP's) User Cases user case
Increasing price pressures and the need for innovation will force MSP's to either invest in automation or pull out of the Managed Service Desk market place. Password related calls account for up to 35% of their call volume.
Our holistic approach allows those MSP's to shift left and deliver password resets via self-service with a proven track record of 95% adoption rate without having to commit investments to install and maintain the solution.