IDM & The Holidays

It’s holiday season again and for many companies that means a reduced workforce with a lot of personnel taking lots of time off to spend with family and/or travel. For most this is an annual time of celebration and relaxation, but for others, like a help desk or IT person, it means the calm before the storm. All too often the return from the holidays heralds in a flood of calls and support tickets for users that have forgotten passwords, had passwords expire over the holiday break or accounts being locked for too many failed login attempts. For those that support these users, the first of the year is oftentimes the busiest for these types of issues. It can be stressful, it can be time consuming, and it can seriously inhibit a company’s ability to conduct business if users cannot access their accounts, equipment, devices, etc…

In companies that lack a solid IDM solution, these issues can require a lot of manual interaction with various systems, especially in environments where there is not a central authentication store. Imagine a system where users have multiple accounts spread across Active Directory, Oracle databases, and various other hodgepodge applications with custom authentication stores. It should not be too hard to imagine as it is a very common thing in today’s workplace. Now imagine the headaches and hassle associated with having to track down different interfaces, utilities, URLs, etc., to change passwords across disparate systems.

It can be a nightmare for the techs doing the work, and can often be frustrating for the employees who in many cases are sitting on the phone waiting for their accounts to be restored. From the end-user side, I can tell you from personal experience that it is not fun waiting up to 30 minutes for an account issue to be resolved because there is no process for me to resolve the issue on my own, as similar calls further jam the help desk phone lines. Then after waiting all that time, being forced to speak to a tech who has to take several minutes to jump through all the hoops to reset an account just for a single person.

Now imagine a system that has a fully integrated IDM solution from IDMWORKS!

You can still have systems that maintain their own back end databases, you can still have a Microsoft-based network with Active Directory serving as the authentication source for logical access, and you still have your own Oracle database; but instead of having to manage all of these systems individually, in an IDMWORKS-designed IDM solution you can manage most, if not all, account changes from a single IDM interface.

When a user calls to report an issue with an account the help desk representatives can access the central IDM repository through something like NetIQ’s iManager where the user’s account password can be changed, then synchronized to any connected systems; or the account can be unlocked, and then that unlock can be reflected in connected systems. Through an IDMWORKS designed IDM solution using NetIQ’s Identity Manager this information can easily be managed and distributed across your infrastructure through a single tool allowing similar issues to be fixed with less tools, less time and less interaction – allowing end-users to return to a productive state faster and easier.

Taking the whole account password management scenario a step further, companies can even further reduce their workloads for these types of problems by adding a self-service module to their IDM solution. NetIQ’s Self-Service Password Reset (or SSPR for short) allows users to change passwords, recover forgotten passwords and even unlock their account. All without ever needing to call or open a support ticket.

NetIQ’s Self-Service Password Reset even includes a Help Desk module that makes account management that much easier for those individuals working those requests. Through the SSPR Help Desk module users can perform searches against the target LDAP directory, usually Novell eDirectory, change account passwords, email new passwords to end-users, unlock locked accounts and even verify the user’s identity for audit purposes. SSPR works with security questions, either configured locally to SSPR or from a defined central set in the target LDAP directory. Managing accounts through the SSPR web interface automatically synchronizes the changes to the target LDAP directory and if that directory is part of your IDM solution, which it should be, that information can be synchronized to your various connected systems within seconds, allowing users to gain access to their accounts across the network quickly and easily with only one change.

By putting basic account recovery access in the hands of the end-users a company can generally see a significant reduction in trouble tickets around general account access issues. Of course your company’s needs and policies may or may not make this solution as effective as other similar implementations, but even a slight reduction in workload for the help desk only serves to allow them more time to work other issues for an overall quicker turnaround on all calls and/or tickets.

Keep your workforce working by calling IDMWORKS today!