Government Dept.: Authorized User Password Management Module

Attain Insight Security 4X
Goverment Dept.

CANADIAN GOVERNMENT DEPARTMENT: Authorized User Password Management


PROBLEM

A Canadian Government Department has 1,600 IBM Cognos users who must each change their passwords multiple times a year to meet password change standards.  The business groups, i.e. the end-users, play a limited role in the password change process.  They are wholly dependent on the Cognos Support team to process changes to authorized users (those users who are allowed to login to IBM Cognos).  This activity, and administrative burden, is a challenge to manage for the organization's small IBM Cognos support team.  And, typically, pulls scarce IT resources from developing business critical applications to the relatively mundane administration of user access. 

Manual password changes are cumbersome and error prone

The password change process is highly manual and fairly brute force.  It is cumbersome and error prone,  largely managed through email.  Business groups send files with authorized user changes for processing.  The files are manually prepared and manually uploaded for processing. 

Changes to file names, file delimiters or file format, routinely break the process.  This happens often, directly impacting end user and business group productivity (a NIST study identified the single largest cost of user access issues was lost productivity caused by employee downtime, which significantly outweighed any other cost.).  When this occurs, the burden of determining the cause and repairing the problem rests with the Cognos Support team, removing them from other valuable work.

SOLUTION
Security 4X provides web-based administration screens for business administrators to enable or disable user access and the password change process.  The Authorized User and Password Management Module includes IBM Cognos reports that provide a record of all password change related activity.  This includes notifications sent to users and all changes to authorized users such as disabling, enabling and other property changes along with which administrator made the change.

Security 4X Authorized User and Password Management Module tracks changes and provides audit reports

It supports comprehensive audit logging and reporting to provide visibility to who enabled/disabled a user and when, who changed their password and whose passwords will soon expire. 

The module includes customizable templates for password notification messages, including newly granted access, password soon to expire, password has expired, password change and password change confirmation.  Confirm Identity and Password Reset screens are customizable to meet corporate brand and password standards.