SpeechTek West 2007

Automating Password Reset to Make Employees More Efficient

Jason GroshartDirector of Product Engineering

Password Reset

Agenda

• What is the Password Reset problem?• How does Gold Systems Password Reset work?• How does it improve efficiency?

Is Password Reset Really a Problem?

Enterprise Management Associates

• Average large enterprises spend $250 per worker, per year, on password management and associated Help Desk overhead.*

• In a 5,000-person organization (assuming 3,000 technology users), the annual cost for password management equals $750,000!*

Gartner Group

• 15-35% of all calls to the Help Desk are password related.**• "We calculate cost per call at $14 to $28, based on seven minutes per

call, the cost of the individual and the cost of facilities”** • A 10,000-employee company that has 2,500 calls per month at $20

per call - costs them $50,000/mo. or $600,000/ yr.**

* Source - Enterprise Management Associates** Source - Gartner Group

Password Reset Challenges

• Security, security, security– Threat Modeling (What are the potential threats)– Encryption on disk, in memory, and over the wire– Support for HIPAA and Sarbanes-Oxley– Independent security review – Applied Trust whitepaper– Biometrics – Voiceprint (speaker verification)

• Usability– Voice User Interface Design – a science and an art– Web Enrollment – easy to use and secure– Web Administration – flexible and secure– Reporting and Notification

• Directory Services Integration– Microsoft Active Directory– Novell eDirectory– Others

• Microsoft Speech Server– Enterprise Edition– Standard Edition– Development Environment

Applied Trust Certification

• As an independent expert, Applied Trust hereby certifies1 that on this day, July 27, 2005, the Gold Systems’ Password Reset product version 1.0b2 is free from any significant known security vulnerabilities and that the product is in compliance with current industry best practices for application development and fortification, including encryption and handling of credentials and personally identifiable information.

Listen to the Solution

Gold Systems Password Reset

Web Enrollment

• Login– Windows login– Domain identification

• Short Answer Questions– Example:

• What is the name of the grade school you attended?

• Number Questions– Example:

• What is a number you will remember?

• Date Questions– Example:

• What is an important date you will remember?

• Successful Enrollment– Can use the system within 24

hours– Configurable number and type of

questions

Web Administration• Directory Service

– Primary & secondary servers– Multiple domains/trees– Password Constraints

• Length• Include special characters,

numbers, and upper case letters• Deployment

– Email parameters• Administrator email• Email server information

– Enrollment parameters• Number and type of questions

– Voice application parameters• Number of Authentication

questions• Lockout failures• Force password change• Password expiration• Transfer parameters

Reporting• Enrollment Percentage

– Eligible employees– Enrolled employees

• Threat Level– Overall threat index

• Password Reset Activity– Number of failed and successful

resets– Dropdown reports by day, hour– Individual reset data

• Enrollment Activity– Number of failed and successful

enrollments– Dropdown reports by day, hour– Individual enrollment data

Localized Applications

• Voice Applications– US English– North American Spanish– Canadian French

• Web Applications– US English - Dutch– Spanish - Brazilian Portuguese– French - Korean– Italian - Japanese– German - Simplified Chinese

Password Reset Demo

• Identification– Uses Windows login– Speak the characters including special

characters and numerals– Domain disambiguation

• Confirmation– Verify the caller’s id

• Authentication– Speaker Verification (if applicable)

• Based on Persay technology– Authentication Questions

• Random questions based on enrollment• Does not indicate incorrect answer until failure• Configurable question parameters

• Password Reset– Configurable password constraints– Temporary password (5 minutes to 2 weeks)

• Call 866.212.4254

• Say “Password Reset”

• Follow prompts

Case Study – Schindler Elevator

• Schindler Elevator, the North American operating entity of the Swiss-based Schindler Group, the world’s largest escalator manufacturer and the second largest elevator manufacturer employs over 6,500 people in more than 250 locations throughout North America.

• Schindler Elevator Corp. was seeing a 500 percent growth in the number of call center calls with 25 percent specifically related to password reset issues.

• On average, each employee needed password reset twice per year • With the typical call, the process took 15 minutes to complete or nearly 3,000 man-

hours each year • Password reset access jumped 54 percent• Call volume decreased 25 percent • ROI within 4 months

“We expect an ROI under four months. There are also administration savings and productivity gains that are hard to measure, but just as real.”

Kevin RileyManager, End User ComputingSchindler Elevator Corp.

* Source – Microsoft Corporation

Thank You

Since 1991, Gold Systems has built solutions for 500+ leading enterprises…

Jason GroshartDirector of Product Engineeringjgroshart@goldsys.com800.988.7798 and say “Jason Groshart”