TAM E-SSO (Tivoli Access Manager for Enterprise Single Sign On)

IBM TAM E-SSO Explained

Some of the common challenges we face when it comes to password management

Weakened security due to poor password selection and management

As security threats grow more sophisticated, the pressure is increasing for businesses to control access to valuable network resources and sensitive data. More and more of your company’s valuable information assets are being made accessible online, therefore there is (of course) tremendous pressure to protect those assets from unauthorised access. At the same time there is pressure coming from outside of your organisation, as government regulations demand tighter security standards and more accountability.

To further complicate matters, your infrastructure is always evolving. There are a variety of different hardware and software solutions which make up you infrastructure – all acquired at different times and sourced for different purposes - and there are no enduring security standards to work to.

The more responsibilities you have, the more systems you access on a day to day basis. It's not uncommon for users to manage between 5 and 20 passwords just to carry out their day-to-day tasks.

Quantifiable cost

When you consider the everyday requirements for password management for every user, the complexity, cost and commitment required to secure your infrastructure is easily quantifiable as a significant cost:

• Every application password has unique requirements;
• Update intervals differ on a system by system basis; and
• The more passwords you have, the easier it is to forget or confuse which password is for which system.

There are two common ways that users try to cope with password complexity:

• They try to pick the easiest, most memorable password phrases, making them easier for a third party to guess or crack; and
• They may resort to storing passwords in an offline system.

Ironically, it is often your senior technical resources that have the most access rights, with the highest levels of authorisation and the biggest need for simplified password management.

User frustration and complaints due to password and security complexity

For the average user, having to remember all of their passwords is not always going to be a simple task. When they inevitably forget a password, and incorrectly submit the wrong password too many times, they face being locked out.

That impacts you in a number of ways:

• The user is non-productive and their workflow is disrupted until they can get their password reset;
• IT resources are diverted to perform the reset; and
• A lack of access, however temporary, represents a real cost to the business in terms of productivity and revenue.

What is the real cost of password-related support calls?

As password management becomes more complex, the cost of password resets can really add up. For the typical enterprise, according to Gartner, password resets constitute between 40% and 60% of help desk calls at an average of $25 per call. The Giga Information Group estimates that the average 10,000 user company spends $1 to $4 million on password resets per year.

What does TAM E-SSO help us achieve?

A single key to the door

A simple principle, but one of the most effective controls. By ensuring users only need to remember one password helpdesk calls are reduced and control is increased. If users only have to remember one password, then enforcing complex password rules and integrating two-factor security controls with this single logon and TAM E-SSO is simple.

A simplified user experience, improved productivity and a reduction in help desk calls

Removing the need to remember multiple passwords reduces complexity and simplifies the end user experience, reducing password related help desk costs and improving productivity.

Through TAM E-SSO’s workflow automation, it’s simple to automate user interactions after successful authentication to place the user where they need to be within an application, ready to work.

For all managed applications, TAM E-SSO’s Single Sign-On (SSO) capabilities manage all parts of the account lifecycle process, from inserting the right credentials and information at logon to password change, and logoff operations.

A rapid route to value

Tivoli Access Manager for Enterprise Single Sign-On is easy to deploy and will not require changes to your infrastructure. Supporting various enterprise directories without schema modifications or extensions, TAM E-SSO allows you to take advantage of the directories and databases that you are already using today for administrative information.

Re-using your existing repositories as they stand today not only rapidly accelerates deployment; it can also save you the cost and effort of switching data to a new, vendor specific, database.

The integrated profile wizard and visual profiling technology lets you quickly generate single sign-on access for all of your Windows, Web-based, Java, or mainframe applications. It's as easy as selecting the task to automate, and dragging and dropping the targets, with no scripting required.

Tivoli Access Manager for Enterprise Single Sign-On is scalable, with an open architecture and open interfaces to enable you to leverage your existing data and disaster recovery infrastructure.

Facilitate Governance, Risk and Compliance management

TAM E-SSO offers extensive audit capabilities, and integrates with leading compliance products such as IBM Tivoli Compliance Insight Manager to provide consolidated reports that show which applications were accessed by whose accounts.

Providing a comprehensive set of reports, complete with timestamps and IP addresses, deploying TAM E-SSO enables you to centrally track activities that standard application logs may not be able to track.

With these centralised and customisable tracking capabilities you can easily record access and address regulatory mandates with minimal IT burden.

Tivoli Access Manager for Enterprise Single Sign-On Summary Table

Automate, strengthen and track access with the following business benefits:

	Compliance reporting 75% reduction in audit tracking costs
	User productivity 85% reduction in time-to-information
	Strengthen security Improved identity assurance and 100% sign-off
	Help Desk cost reduction 35-45% reduction in IT Help Desk costs

Find out more

We hope that you have found the information on this page useful and interesting. If you have any questions or would like to understand more about the benefits that this type of deployment could bring to your organisation, simply let us know using the link below.