Users and Their Identities#

Day One#

To demonstrate, let’s follow a mythical person we’ll call Sam as he starts his new job on day one.
  1. Arrives at work and tries to locate his new boss.
  2. Ends up filling out paperwork for:
    • Network Access
    • Email Access
    • Windows Domain Access
    • Internet Access
  3. Has to borrow a computer as his has not been imaged yet.
  4. Has to be logged into the computer as someone else as he has not completed Item 1 yet.
  5. Tries to make a phone call, but the phone in his cube is not working yet.
Reality is, it usually takes more than a week for Sam to get access to the basic items required to do his job. One of the goals for the IDM is to reduce this time frame.

A typical day in the Life of an Employee.#

Sam has been here now for six months and his schedule for a typical day looks like:
  1. Employee arrives at the parking garage and provides a Parking card to allow access into the parking garage.
  2. Employee provides a proximity card to allow access to the building.
  3. Employee provides a User Name and Password to allow access to his computer.
  4. Employee provides a User Name and Password to allow access to the organization's Network. This of course maybe passed from his workstation to the network without the employee's intervention.
  5. Employee opens his email and is prompted for a User Name and Password to allow access to the email server.
  6. Employee opens a browser and is prompted for a User Name and Password to allow access to Organization's portal.
  7. Employee opens a browser and is prompted for a User Name and Password to allow access to the Internet.
So far we have seven authentication events that take place within the first 15 minutes of the typical workday.

In addition to the above there are 30 other applications that Sam needs to access over the course of a year and they all require s user name and password. Some of these applications, like benefits enrollment Sam only needs to use once or twice a year. Then from Sam's perspective, just to make it more exciting, all of his passwords he uses in a typical day:

  • Expire at the same time. Some are every 30 days some are every 90 days and some never expire.
  • The password complexity policies are different for each password.

So no one is surprised that Sam has a secret file or piece of paper where he keeps his current user names and passwords. Oh, and if Sam were an application developer or Network administrator, he would have more than 80 user names and passwords that hs would need to track.

Identity Management should be an easy sell to users by offering them:

  • Shorter time when hired to become productive.
  • Reduced or Consistent Sign On to hopefully many of the resources they need to use.
  • Consistent Password policies for expiration and complexity.

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-6) was last changed on 02-Dec-2015 13:16 by jim