Computerworld recently reported KPN closed down its self service portal for its corporate customer care service, as 2/3 of them had never changed their default password; a security disaster waiting to happen.
KPN security breach closes self service portal
It struck me that this is what self service password management (SSPM) solutions are surely for!
Here are some benefits that SSPM solutions like Nervepoint Access Manager can provide:
- Periodic password renewal – even if your end system does not have password renewal capabilities SSPM solutions can be configured to enforce password changes periodically, with administrators able to define the renewal period according to business requirement/risk/security policy.
- Enforced password complexity – SSPM solutions can enforce complex password rules. Password policies can configure password length, format, use of numbers, symbols etc. Passwords which match or are similar to usernames can be disallowed.
- Multiple access points – the key to user adoption is convenience and something like Nervepoint Access Manager not only provides a web-portal for customers to manage their identity but also through a convnient mobile app which helps encourage end user take up.
- Proactive monitoring – with real time data and a raft of management information and reporting functionality, IT admins can get a birds-eye view of customer password activity; those who have not registered with the system, those that keep forgetting their passwords, those locked out etc.
- System alerts and auditing – alerts and notifications of unusual activity can help prevent bad practice or even identity hacking attempts.
Leaving it to SSPM
Any service that requires password or identity management services can benefit greatly from using dedicated solutions. It means you can focus on serving your core customers while leaving password and identity management to specialists.
With API support and branding customers would not lose any continuity or see any difference.