In this day and age, IT professionals can access corporate applications and data through so many different avenues. End-users and executives have effectively forced this issue by requiring companies to support BYOD using varied networks and connectivity scenarios. This creates a large attack surface that IT staff must protect, but it also benefits companies because users can be more efficient and work more hours. However, the first step to allowing access is securely authenticating the users and this is not possible if they have forgotten their password. Overcoming this hurdle can be achieved by deploying a usable, centralized password reset solution.
Based on Gartner research, password-related calls constitute 20-30 percent of all Help Desk call volume. The need to keep systems secure still starts with passwords so there has been no shortage of corporate IT security projects related to increasing password complexity and requiring more frequent password changes. Furthering the problem, security and usability typically have an inverse relationship.
On the one hand, increased security and usability will suffer; on the other hand, taking steps to enhance usability often comes at the cost of security. Developing an in-house solution to address forgotten passwords is often attempted, but rarely done well because it is outside the scope of most organization’s core competencies and is often underfunded because it does not help contribute to the bottom line. Companies and educational institutions would both benefit from a usable, centralized password reset solution, especially when it is purchased “off the shelf” from a reputable, innovative vendor who is an expert in its field.
A self-service password reset solution is all about a convenient, yet secure user experience. If it is even slightly difficult for users, then it will go unused and nullify any productivity or anticipated cost savings. Offering a unified user experience is vital to achieving high user enrollment and adoption. Along with providing the ability to perform a password reset from a browser, desktop, or smart phone, effective solutions can also remind the user to enroll personal challenge answers, their cell phone number, or initialize a mobile app through all these same interfaces while maintaining a consistent UI. Key to the aspect of unification is not prompting users to re-enroll for each access device and offering this service to users both in and outside your organization’s network using a single server end-point.
PortalGuard is a usable, centralized password reset solution that can help you support your infrastructure and securely address the issue of forgotten passwords by providing an innovative, unified user experience that does not compromise on security. PortalGuard can help users realize the benefits of BYOD regardless of your environment’s size or topology and help you avoid the IT pitfalls that often follow in its wake.