User Reset of Forgotten Passwords - Vanguard PasswordReset™ is the Enterprise-Wide solution to forgotten passwords that provides immediate payback plus long-term benefits to your company or organization. It's your "pathway to profitability."
Vanguard PasswordReset is a revolutionary new self-help password resetting solution that increases profitability in enterprise environments. Vanguard PasswordReset addresses the common problem of forgotten RACF passwords. It allows authorized users to quickly and securely change their own passwords anytime, from anyplace.
Real Cost of the Forgotten Password
Forgotten RACF passwords are an expensive problem. The cost associated with password resets is easily verified. Companies that are "outsourcing" their help-desk report they are paying $25 to $40 per phone call for password resets. Help-desk personnel spend a large portion of their time on password maintenance instead of solving real problems. Surveys demonstrate that password reset calls account for 30-70 percent of all help-desk calls. Most organizations report 40-60 percent of all calls are related to password resets.
One recent survey indicates that the average organization is experiencing more than four password resets per person per year. Using a conservative cost of $25 to reset a password, that means that a 5,000-person organization is spending a minimum of $500,000 a year to reset passwords, while a 20,000-person organization is spending over two million dollars.
Minimizing Risk 24x7
Vanguard PasswordReset is a self-service and important component in Vanguard's identity management solution that increases profitability in enterprise environments. PasswordReset addresses the common problem of forgotten or expired RACF passwords. It empowers employees, customers and other authorized users to quickly and securely change their own passwords anytime using their web browser.
This powerful identity management solution:
- Eliminates lost productivity when users are unable to access computer applications.
- Provides improved help-desk productivity by allowing support staff to concentrate on solving other issues rather than time-consuming password resets.
- Enhances enterprise security by standardizing password reset activities and eliminating human error.
- Increases profitability by automating costly password resetting activities
- Helps retain customers by making it easier for them to access extranet and e-business environments.
- Virtually eliminates actual or hidden costs associated with installing, administering, maintaining and retiring thin-client software on user work stations.
Enterprise security is greatly improved with Vanguard PasswordReset because password changes are automated directly to the end user without other individuals being involved. The PasswordReset process ensures that proper security policies and procedures are followed step-by-step. Help-desk password resets are susceptible to hacker social engineering techniques. PasswordReset provides an added benefit in the removal of hacker social engineering attacks, resulting in improved security. With PasswordReset, users do not need to make a help-desk call nor reveal verification details over the phone.
Some companies handle the overloaded help-desk problem by relaxing password policies and extending the length of time that passwords remain valid before they expire and need to be reset. With evidence showing that 70% of all security breaches are caused intentionally or unintentionally by authorized users, such actions can be very costly to the enterprise. PasswordReset will ease the burden on the help-desk and improve security by assuring that the policies and procedures set by the company are followed each time a password is reset.
Mainframe Strength Solution
Unlike other password resetting software, Vanguard PasswordReset runs on the mainframe (z/OS - the enterprise's most trusted platform. It was designed from the ground-up to work hand-in-hand with IBM's Secure Security Server (RACF). It combines the benefits and convenience of a web-based interface with the proven stability, integrity, and security of RACF. All web-based transactions are fully secure and encrypted.
There is no need to install and maintain additional thin client software on user workstations. You save money by not having to incur the installation costs - and the "hidden" administrative costs such as the on-going manpower, support and maintenance costs - associated with thin client software running on each desktop across the enterprise. Beyond this is the cost of retirement (enhancement or replacement) of the desktop software, a major cost seldom considered in the initial cost of purchase.
What's more, PasswordReset works directly with your RACF database on z/OS. Unlike other products, there is no need to compromise security by downloading password or user ID information to a separate database. And there is no need to write special RACF code. With PasswordReset, everything stays where it belongs - in one place - on your trusted mainframe, the most secure place for it to reside.
Vanguard PasswordReset is easy to use. It begins with a quick and easy registration process. Users connect to PasswordReset via their web browsers and enter a series of questions and answers of their own choosing. Only the user knows the questions and answers they have chosen. They are encrypted by PasswordReset and stored in a secure RACF database on the mainframe.
If users later forget their password, they simply connect to PasswordReset via their browsers and enter the answers to the questions that they previously established. By properly answering the questions, PasswordReset authenticates the user and assigns the new password. For enhanced reporting and security, PasswordReset can optionally be configured to automatically send e-mail messages to the security administrator, the end user, and/or others whenever PasswordReset is accessed.
Concept of Inheritance
Vanguard PasswordReset is an ideal solution to use hand-in-hand with other Vanguard Security Solution products. For example, if Vanguard Administrator™ is used to conduct a "hard revoke" of a user password, PasswordReset will honor that action and will not allow the user to reset the revoked password.
How It Works:
PasswordReset is easy to use. It begins with a quick and easy registration process. Users connect to PasswordReset via their web browsers and enter a series of questions and answers of their own choosing. Only the user knows the questions and answers they have chosen. They are encrypted by PasswordReset and stored in a secure RACF® database on the mainframe.
When a user forgets their password they enter their RACF ID into the PasswordReset web page, and are presented with the questions they chose during the registration process. The user then enters the correct answers to their questions and chooses a new password.