Effective password management solutions provide business users an easier way to change or reset passwords themselves, while enforcing a strong password policy across all applications. Yet Gartner estimates that 40% of all IT helpdesk tickets are for password change requests, which decreases productivity and raises the cost of doing business.
reuse passwords across different accounts
1 in 7
would consider selling their passwords to a third-party
Poor password hygiene is a problem.
There’s a decades-old debate about whether passwords are dead. But passwords continue to be the most widely used and accepted method of authentication, so they aren’t going away anytime soon. And while they are essential, passwords also threaten an enterprise’s security, with 75% of respondents to SailPoint’s 2018 Market Pulse Survey admitting they reuse passwords across accounts, including work and personal.
Password management might seem like old hat, but it’s shocking to hear just how many organizations still aren’t doing it right. Users have so many passwords to remember, they’re cutting corners by not regularly updating them and making them unique. Duplication across applications is also a big problem — even among organizational and personal applications — and it creates a gateway for attackers to easily get access to enterprise data. Even IT decision makers within enterprises, who should be leading by example, have bad password habits. In a recent poll conducted by Vanson Bourne, they found 55% of IT decision makers have used the same password at work and in their personal life, and nearly a third admitted to using easy-to-guess words for their passwords.
Weak security practices leave organizations exposed to the risk of breaches. When users share passwords across multiple accounts and systems, fail to regularly change their password or comply with password management policies, they create security vulnerabilities that could expose corporate passwords and allow hackers to access highly sensitive systems within the enterprise.
The fallout of data breaches has long-lasting effects — as we’ve seen from the continued impact of the 2012 data breach at LinkedIn and the Yahoo breaches that were dubbed the worst of the 21st century. Yet many users don’t change their passwords immediately after a data breach. The domino effect of breaches across multiple internet services shows that people still aren’t learning basic security lessons. And employing a weak approach to securing identities, in part by not enforcing password reset among employees, is an example of how simple, internal controls could minimize the overall impact of a data breach.
Identity governance helps enforce strong password requirements.
Enterprises need to educate employees on the risks of poor password hygiene and enforce strong corporate policies. A sound password management program provides users with automated password assistance and resets. It also needs to include a robust identity governance solution that provides preventive and detective features that control access, as well as identify and remediate security issues.
Identity governance makes it possible for organizations to provide automated access to an ever-growing and changing IT environment, while also reducing potential security and compliance risks. User provisioning automates the defined processes for granting, changing and removing user access privileges. Policy management helps strengthen passwords across all applications. Access certifications ensure that user access is appropriate and meets policy, audit and compliance requirements.
SailPoint’s open identity platform can help your organization:
- Reduce operational costs by reducing helpdesk calls for password resets
- Improve user productivity and satisfaction by reducing time spent locked out of accounts
- Strengthen security through consistent enforcement of password policy
- Unify and centralize password management across data center, cloud and mobile resources
SailPoint has an innovative approach to mobile password resets that provides automated tools to avoid costly helpdesk calls. Overall, the efficiencies gained through the power of identity is impressive. For example, GE reduced their helpdesk tickets for password reset requests from hundreds of thousands to around 10,000 requests annually — saving over $2 million a year. Similarly, Rockwell Automation worked with SailPoint to automate everything from password synching to user provisioning. As a result, 62,000 requests are now handled with automated self-service, saving around $1 million annually.
SailPoint also empowers users to securely manage network access credentials from the cloud. This is especially helpful when they’re working remotely and locked out of the corporate network. Our unique, patented solution allows employees to safely manage enterprise passwords from mobile devices without having to involve IT. The result is cost savings, improved productivity and higher user satisfaction.
SailPoint Predictive Identity can help
See and control access to all your apps and data for
all your users, including bots.