The true cost of Password Management

7/27/2019 The true cost of Password Management

1/6

1 . 8 0 0 . 8 1 3 . 6 4 1 5 | w w w . s c r i p t l o g i c . c o m

TheTrueCostofPasswordManagement

AScriptLogicProductPositioningPaper


2/6

2|TheTrueCostofPasswordManagement

The True Cost of Password Management

Iveforgottenmypassword!

Icant

log

in!

Canyouhelpmechangemypassword?Myoldonejustexpired.

WhycantIjustreusemyoldpassword?Icanrememberthatone.

ChancesarethatnearlyoneoutofeverythreetimesthehelpdeskorITdepartmentpicksup

thephone,itsforapasswordmanagementissue.Passwordsarenecessarytoprovidethesecurityand

accessmanagementrequiredbytodaysenterprise.Butaretheycostingyoumoney?

Ontheonehand,passwordresetsseemtodemandaninordinateamountofITattention.On

theother

hand,

in

an

effort

to

ease

the

need

to

bother

the

help

desk,

end

users

often

resort

to

non

securepasswordpracticesthatmayactuallymaketheenterprisemorevulnerable.Perhapsnoother

areaofITcanoffertheimmediatereturnoninvestment(ROI),orenduserenablingsatisfactionthan

automationofpasswordmanagement.

AccordingForrester

Passwordproblemsandresetsgenerallyconstitutebetween25%and40%oftotalhelpdesk

incidents.1

1Twenty-Three Best Practices For The Customer Service Center, Chip Gliedman, Forrester, October 11, 2005

HelpDesk

Call

Volume

CallsforPasswordResets

OtherHelpDeskCalls


3/6


Needlesstosay,eventhemostefficientorganizationprobablyadmitspasswordmanagementas

oneofitsmostinefficientITtasks.Inreality,mostorganizationsspendapproximately1/3oftheirIT

attentiononpasswordresets.

TheTrueCostofPasswordManagementWhileitisdifficulttoplaceanexactcostonasinglepasswordresetcall,analystshavebeenabletomakesomefairlyaccurateassumptions.Analystsplacethecostofatypicalpasswordresetcallat

between$10and$31.Addtothisthelostproductivitywhileendusersdealwiththeirpassword(rather

thanperformingtheirjob),whichsomeanalystshaveplacedat20minutesperincident,andthe

financialimpactofmanualpasswordmanagementpracticescanbesignificant.

Ina2004Gartnercasestudy,alargebeveragecompanydeterminedthat30percentofhelp

deskcallswerepasswordrelatedwithanaveragecostof$17.23percallforanannualimpactofmore

than$900,0002.

Evenifweassumethelowestnumbers($10percalland15percentofcalls),itquicklybecomes

apparentthatmanualpasswordmanagementisoneareathatcandeliversignificantROIthrough

automation.

AutomatingPasswordManagementGartnerestimatesabout7090percentcostsavingsforhelpdesksthroughthe

implementationofaselfservicepasswordresetsolution3

2Automated Password Resets Can Cut IT Service Desk Costs,Gartner, 13 December 2004, ID Number G001235313Toolkit: Evaluating Enterprise Options for Managing Passwords, Gartner, 3 November 2006, ID Number

G00144094

HelpDeskCallVolumeSavingswith

DesktopAuthority

Password

Self

Service

PasswordResetRelatedCalls

OtherHelpDeskCalls


4/6


Atitsveryessence,DesktopAuthorityPasswordSelfServiceprovidestheendusercommunity

withinanorganizationwiththeabilitytochangeandresetpasswordswithoutinvolvingthehelpdeskor

ITstaff.Itpresentsaseriesofchallenge/responsequestionsthatendusersmustanswerinorderto

unlockalockedaccount,changeapassword,orreaccesssystemsoncetheirfailedloginshaveexceeded

thelimit.

Inmostcases,whenausercannotaccesshisorhersystemduetoapasswordissue,theuser

cannotaccesstheselfservicepasswordresetapplication.Ratherthanrequireuserstosimplyborrowa

neighborsPCtoaccesstheapplication,answerthequestions,andresetthepasswordorutilizekiosks

whosesolepurposeispasswordresets,DesktopAuthorityPasswordSelfServiceallowswebbased

accesstotheapplicationpriortologinthroughaGINAextensiononthedesktop.SimplybyclickingaI

forgotmypasswordlink,theuseristakentoawebpagewithpasswordresetfunctionalityisavailable.


5/6


CalculatingReturnonInvestmentBasedonaconservativeuseofthenumbersprovidedbyanalystfirms,thefollowingROIcanbe

experiencedthroughimplementingDesktopAuthorityPasswordSelfServicetomanageADbased

passwords.Weusea1,000usercompanyasanexampleandacostof$5.60/seatfortheDesktop

AuthorityPasswordSelfService.

EmployeeData

NumberofUsers 1,000

Averagefullyburdenedsalaryofuser(employee) $50,000

Annualfullyburdenedsalaryofhelpdeskassociate $50,000

Hoursinasingleworkyear 2,080hours

HelpDeskMetrics

Helpdeskcallsperusereachyear 10

Percentagecallsrelatedtopasswordreset 40%

Average

duration

password

reset

call

15

mins./callAverageuserinactivityforpasswordissue 20mins./call

WithoutaPasswordManagementSolution

Totalnumberofhelpdeskcallsperyear 10,000

Totalhelpdeskcallsforpasswordincidents 4,000

Totalannualhelpdesktimespentonpasswordresetcalls 1,000hours

Totalannualuserinactivitywastedonpasswordresetcalls 1,333hours

Costofuser'stimelostforeachincident $8.01percall

Costofhelpdeskforeachincident $6.01percall

Totalcostofuserinactivitywithoutpasswordmanagementsolution $32,051

Costof

password

reset

help

desk

calls

$24,038

TotalCostwithoutPasswordManagementSolution $56,089

WithaPasswordManagementSolution

Percentageofpasswordcallshandledbysolution 100%

Totalnumberofcallscovered 4,000

Averagedurationselfservepasswordresetsession 3minutes

Totalcostofuserinactivityforuserswithsolution $4,807

Costofpasswordresethelpdeskcalls $0

TotalCostwithPasswordManagementSolution $4,807

ROIAnalysis

AnnualsavingswithDesktopAuthorityPasswordSelfService $51,282

LessUpfrontSoftwareInvestment ($5,600)

OneYearDollarSavings $45,682

BenefitasaMultipleofCost 8.1x

PaybackPeriodonInvestment 1.3Months


6/6


ConclusionObviously,theROIforimplementingaselfservicepasswordresetsolutionissignificant.This

benefitcanbeevenfurtherenhancedwhenthesolutioniscombinedwithtechnologiesthatreducethe

overallnumberofpasswordsthatmustbemanaged.Nootheridentitymanagementpracticecanbring

thefinancialbenefit,securityenhancements,andcomplianceenablingpracticesthatcomewithan

automatedpasswordmanagementsolution.Simplyenablingenduserselfservicecandramatically

reducecostsandincreaseefficiency.Inaddition,usingDesktopAuthorityPasswordSelfServicecan

providesignificantimprovementsinsecurityandcompliance.

The true cost of Password Management

Documents

Transcript of The true cost of Password Management