You are on page 1of 3

25  JUNE  2012        

TNT  saves  £1  million  with  self-­‐service  password  resets.  

  Self-­‐service   password   resets   have   saved   TNT   an  estimated  £1  million  per  annum       Logistics  company  makes  huge  saving  by  removing  the  burden  of  resetting  user   passwords  from  the  helpdesk   As  long  as  passwords  are  used,  employees  will  forget  them.  For  many  IT  support   functions,   resetting   user   passwords   is   a   time-­‐consuming   and   repetitive   burden   on  resources.     Two   years   ago,   at   global   logistics   provider   TNT,   the   burden   had   become   too   great.  With  32,000  IT  users  around  the  world,  the  company's  IT  helpdesks  were   inundated  with  password  resets  requests.     "We   were   getting   a   lot   of   complaints   from   helpdesk   managers   about   the   number   of   password   resets   their   staff   had   to   do,"   recalls   Mark   Lawley,   identity   management   infrastructure   team   leader   at   TNT.   "One   of   our   divisions,   the   Benelux   unit,   worked   out   that   password   resets   took   up   the   equivalent   of   one   whole  employee's  time."     The   company   did   not   know   precisely   how   many   requests   were   made   –   it   was   often  easier  for  helpdesk  staff  just  to  perform  the  reset  without  logging  the  issue   in  its  IT  service  management  systems  –  but  it  knew  it  was  too  many.     And  it  was  not  just  a  workload  problem.  Resetting  passwords  over  the  phone  is   not  the  most  secure  approach,  and  it  left  open  a  window  for  potential  compliance   violations.   "If   a   van   driver   hasn't   turned   up   and   someone   else   needs   to   access   their   system,   the   easiest   way   is   to   phone   up   the   helpdesk   and   pretend   to   be   them."      

Source:  http://www.information-­‐­‐and-­‐continuity/it-­‐case-­‐ studies/2109828/tnt-­‐saves-­‐1-­‐million-­‐with-­‐selfservice-­‐password-­‐resets.thtml    

com/channels/security-­‐and-­‐continuity/it-­‐case-­‐ studies/2109828/tnt-­‐saves-­‐1-­‐million-­‐with-­‐selfservice-­‐password-­‐resets.     Lawley   and   his   team   therefore   collaborated   with   business   users   around   the   world   throughout   the   development   of   the   system.   By   the   time   it   had   been   deployed  in  all  but  a  few  countries.     The   implementation   began   in   2010.  the  system  has  not  been  difficult  to  deploy  so  far."  he  says.  we're   saving  just  over  £1  million."     "It   was   also   important   to   get   support   from   our   [local   IT   staff]   because   they   were   going   to   have   to   sell   the   solution   to   users.  "We  had  estimated  that  each  password  reset  cost  us  about  £10  in  [IT   support]   time.  so  TNT  used   the   Graphical   Identification   and   Authentication   (GINA)   functionality   of     Source:  http://www.   "If   they   weren't   engaged   and   felt  it  was  too  difficult  to  use.     That.  Identity   Minder   hooks   into   applications   through   what   CA   calls   a   'Java   connector'.     This   is   more   than   Lawley   anticipated.  "The  key  to  this  project  was  getting  user  engagement.  "We  also  estimate  that  each  self-­‐service  reset  costs  around  85%   less.   and   TNT   has   linked   it   in   with   all   of   the   applications   for   which   there   are   "out   of   the   box"  connectors."   he   says.500  a  week  figure  by  52  weeks  for  each  year.thtml     .TNT   decided.  they  wouldn't  have  encourage  users  to  adopt  it.     But   the   success   of   the   system   also   relied   heavily   on   encouraging   employees   to   use  it.   to   support   self-­‐service   password   resets   using   CA   Technologies'  Identity  Minder  software.   lost   business   productivity."  he  says.  for  example.     "So  when  you  multiply  that  2.  and  we  are  looking  to   see  whether  we  need  to  use  TNT's  own  Java  programmers  or  use  CA  services  to   integrate  them."  says  Lawley.information-­‐age.  "We  showed  them   the  system  and  used  their  feedback  on  the  user  interface.  Lawley  and  his  team  found  that  the  system   was  support  2.500  password  resets  a  week.     Winning  engagement   Technically  speaking.     "That  leaves  us  with  applications  that  we  built  ourselves."     The   system   allows   users   to   reset   their   passwords   once   they   are   logged   into   their   desktop."  he  explains.  translates  to  huge  monetary  saving  for  the   company.  and  allows  users   to  reset  their  own  passwords  from  a  portal  on  their  own  desktop.   and   the   technology   to   support   it.   and   means   that   the   system   had   "pretty   much"  paid  for  itself  after  a  year  of  full  deployment.  Of  course.   therefore.   and   over   the   last   two   years   TNT   has   been   rolling   out   the   system   across   it   many   geographies.  users  might  also  forget  their  desktop  passwords.   "We   wanted   the   business   to   see  the  look  and  feel  of  what  we  were  building.  The  tool  integrates  with  IT  systems  and   applications  to  access  user  account  and  password  information.    Lawley  and  his  team  calculated."     Lawley  explains.

g.   TNT   stuck   to   just   six.   "What   is   your   mother's   maiden   name?").   the   challenge   of   identifying   six   questions   that   were   culturally   relevant   for   every   one   was   not   trivial.   "The   various   business   units   handled   that   in   different   ways.   as   the   chance   that   users   might   forget   which   question   they   answered  could  have  lead  to  yet  more  password  reset  requests.  as   well   as   'single-­‐sign   on'   functionality   based   on   CA's   Site   Minder   product.Microsoft's   Windows   operating   system   to   install   a   pre-­‐login   password   reset   function  based  on  memorable  information  questions.   This.   Nevertheless.   Others   went   the   other   way.  giving  employees  USB  keys  for   completing   the   answers.  "Some  of  them  had  competitions.   Lawley   admits.  deploying  the  functionality   was  valuable  way  to  start  its  password  security  management  refresh.  but  with  such  a  rapid  return-­‐on-­‐investment.information-­‐age.     TNT  is  now  implementing  out  Identity  Manager's  user  provisioning  features."   explains  Lawley.   for   which   they   needed   some   encouragement.   and   asked   us   for   a   list   of   users  who  hadn't  done  it.     That   required   employees   to   provide   the   answer   to   one   of   six   questions   (e.         Source:  http://www."     With   employees   in   over   40   countries.   may   make   self-­‐service   password   resets   redundant   for   many   systems.thtml     .com/channels/security-­‐and-­‐continuity/it-­‐case-­‐ studies/2109828/tnt-­‐saves-­‐1-­‐million-­‐with-­‐selfservice-­‐password-­‐resets.