Top 5 Identity Management Pains of 2011
5) Managing privileged accounts: Every IT team uses many user IDs and passwords for managing hardware devices, servers and applications. These accounts rely on default or easy-to-guess passwords in order to allow easy access for administrators, and represent high risks.
4) User account de-provisioning: Disabling inactive user accounts keeps AD secure and clean, preventing malicious activities from former employees or students. User accounts must be disabled when a user leaves, but IT departments are often the last to know of a departure.
3) Password Expirations: Passwords that are not changed within required timeframes can cause help desk calls from users and productivity losses. When users only have AD accounts for VPN, OWA, or file shares and never log on interactively, they never see standard Windows notifications, and are often unaware of pending password expirations until its too late.
2) Account lockouts: AD account lockouts are a major source of helpdesk calls that waste the time and money. Implementation of the strong password policies required by many compliance auditors often result in lockouts that cause productivity losses, user frustration and huge administrative burdens.
1) Forgotten Passwords: Forgotten passwords are the most common IT support issue. Password complexity and expiration policy requirements lead to frequently forgotten passwords and account lockouts, increasing the overall administrative burden.
In response, Netwrix has developed the Identity Management Suite, a purpose-built solution meant to address the above pains in one integrated solution.
Privileged account management: All privileged user accounts are maintained via a secure web-based portal for accessing and automatic maintenance of administrative user accounts.
User account de-provisioning: All user accounts are periodically checked and accounts that have been inactive for more than the specified number of days are reported and optionally deactivated (e.g. disabled or moved).
Password expirations: All AD users are automatically checked to detect those whose passwords are about to expire in a specified number of days, and customizable notification e-mails are sent to appropriate account owners.
Account lockouts: AD account lockouts are tracked and resolved in real-time, with full investigation of root causes of lockouts (e.g. services or mapped network drives setup under stale credentials).
Self-Service password management: Allows users to reset forgotten passwords, troubleshoot account lockouts and unlock accounts on their own through the web-based question-and-answer security authentication system.
Customers who have already purchased any stand-alone element of the Identity Management Suite will receive 100% credit towards their purchase of the suite in other words, all money already spent on a tool included in the suite will go towards an upgrade. Additionally, any suite customer with active support and maintenance is eligible for a free upgrade to any future editions and improvements made to the Identity Management Suite.
Sincerely, The Team at Netwrix Corporation