- March 14, 2017
By Dean Wiech, Tools4ever
One of the primary issues that employees in manufacturing facilities encounter, regardless of if they are front office or plant floor, is the number of user names and passwords they need to remember.
By Dean Wiech, Managing Director, Tools4ever
One of the primary issues that employees in manufacturing facilities encounter, regardless of if they are front office or plant floor, is the number of user names and passwords they need to remember. Best case scenario, the employee attempts to remember them all, but frequently needs to call the helpdesk to reset the network or application passwords resulting in a loss of productivity and burden on the IT staff. Worst case scenario, this leads to employees writing the credentials down on sticky notes conveniently stored under the keyboard or attached to the side of the monitor. The end result is either helpdesk overload, or a threat of data breech – neither of which are particularly desirable outcomes.
Solutions to Password Fatigue
There are various solutions for resolving these issues automatically and reducing password fatigue. They vary greatly in complexity, cost and security for the organization. What follows are a few pros and cons of some of the solutions.
The first involves password synchronization – the network password is synchronized to all other applications in use at the facility. Any time a user updates his or her password, the password is reset in any connected system. The benefit is that instead of needing to remember upwards of a dozen passwords, the employee now only needs to remember the one. In theory, this seems like a great idea to reduce password fatigue but it can be a challenge. The first challenge is password complexity. Rules most likely vary between the systems, as well as the frequency of password change requirements.
The network may require eight characters with upper and lower case along with a special character while a legacy system may only accept six characters with no ability to handle special characters. Another system may require a password change every 90 days while another needs one every 30 days. Then there is the issue of user names. More than likely, when the systems are set up there were different formats utilized. “J.DOE” in the network is the same employee as “JOHN_DOE” in an ERP system. While not insurmountable, these differences can result in a challenging implementation. Changes may be needed in various systems to accommodate password requirements and a database needed to link the various usernames back to an individual. This type of solution still requires employees to remember the various user names and actually key them in each time they wish to access an application.
A second viable solution is a single sign-on (SSO) application. In this case employees truly only need to remember one user name and one password. The SSO solution stores the user’s credentials in a secure, encrypted database and populates them automatically whenever an application is accessed. The user needs to provide the credentials only once and the application can handle password changes requirements by prompting the user to enter a new password or handling the request behind the scenes. The advantages here are far more extensive. Password fatigue is significantly reduced for employees and the need to only remember one password reduces the number of calls to the helpdesk for reset requests. Security is also improved because credentials are no longer written down and by shutting of an individual’s SSO profile; access to applications is immediately revoked.
The challenges associated with SSO are primarily focused on evaluation of the software in your environment. Most manufacturers have a mixed landscape of applications – network, cloud and legacy mainframe are all in use on a daily basis and finding the correct solution and ensuring it works with all of your required applications can be tough. In addition, implementing the SSO in a redundant, fault tolerant environment is critical. As employees rapidly become dependent on the solution, a single point of failure could have a dramatic impact on business.
Boosting Efficiency and Security
When implementing either model, one of the key benefits is the reduction of the number of password employees need to remember from many to one. Inevitably, as is human nature, that one password will be forgotten at some point in time. Most providers of password synchronization and SSO applications also provide the ability for end users to reset their single password. By using a series of challenge response questions, end users can reset their password or unlock their network account right from the Windows login screen or a web site. While the new password must comply with network complexity and history requirements to ensure security, the main benefits here are the further reduction in calls to the helpdesk and the 24x7 availability of the password reset application versus the normal operating hours of the helpdesk.
Regardless of which methodology a manufacturer decides to employ in their environment, reducing password fatigue for employees, and lessoning the burden on the helpdesk, can go a long way to making everyone’s life a bit easier.
About the Author
Dean Wiech is managing director of Tools4ever.
Did you enjoy this great article?
Check out our free e-newsletters to read more great articles..Subscribe