I was speaking to a client the other day about our
Password Manager program that allows self-service password resets and he asked me “How many of the users will actually use this?”. I thought that was an odd question at first but then I looked back to my years as a Systems Admin, Systems Engineer, product installer and trainer and thought, maybe that wasn’t such an odd question after all, but a serious issue that some organizations struggle with. Most clients I have spoken with estimate that about 30% of their Helpdesk activity over time is dedicated solely to unlocking and resetting user accounts. So if just 50% of the user population makes use of your self-service password reset software, you can cut the load on your helpdesk by 15%. That is well worth the effort to bringing your users into the fold.
Most clients I have spoken with estimate that about 30% of their Helpdesk activity over time is dedicated solely to unlocking and resetting user accounts. So if just 50% of the user population makes use of your self-service password reset software, you can cut the load on your helpdesk by 15%. That is well worth the effort to bringing your users into the fold.
There is no question that the bulk of your average user base is resistant to change. Even if you can prove to them without a doubt that this ‘new way’ will make their lives easier they sometimes seem to refuse to get on board almost out of spite. So what happens when you send an email out to all of your users with detailed instructions asking them to enroll in this new piece of software which will improve the companies security, make their life easier and make your life easier? Well if your users are like most you’ll probably get a 20-30% voluntary enrollment rate (Some might find that optimistic). Another 30-60% that will ‘get around to it eventually’ and then the remaining group that has no idea what you’re talking about because they either just deleted your email or didn’t actually bother to read it.
So what can you do to have your users enroll in this type of software? In some cases many of my clients from Universities and Colleges know that their student population isn’t going to bother to enroll so they simply ‘bulk upload’ all of the question and answer pairs at once from the mountain of data that they’ve gathered from the student application process. That works great particularly when you have a lot of turnover and you are constantly adding and removing thousands of users at a time. Unfortunately most larger corporations do not have this option. Privacy concerns are sometimes so high that putting HR data into the hands of anyone outside of HR (and even to some within HR) is tantamount to treason.
That leaves us with some additional options, one of which is simply nagging the users to enroll. If there is a “nag-the-user” function built into the program, (perhaps on the client for example) this can make things a bit easier by hassling the users until they finally give in and spend 4 minutes enrolling. In this same vein you should be able to pull the users that have enrolled in the program and send targeted emails to the remaining users or possibly to the department heads (assuming they aren’t among the worst offenders) to enroll. This methodology often has its limits as well.
Some clients resort to the ‘tough love’ approach in one form or another. So If a user calls the help desk, they will unlock your account, but then ask to walk you through the enrollment process while you’re still on the phone so they can cross one more person off the list, possibly with a veiled threat of a grace period that is coming due (This is especially true if you’re using Identity Management within the helpdesk which relies on their enrollment). If you do not have a 24 hour helpdesk, but you have 24 hour users this gives you a different avenue. When they call you at 9pm one night about not being able to enroll you can say “I’m sorry I’m out right now and don’t have access to the network, but you should have no problem getting in yourself. You did enroll into the password self service program, didn’t you?”. This will meet with various levels of success depending on your organization and honestly who’s calling. If it’s the CEO you probably want to ‘get’ access to the network ASAP.
Obviously with the ability to be such a huge time saver, Password Management Self-Service programs can be a huge boon for your Organization and your already overtaxed IT staff. The trick is to make your users realize that it can be a big benefit to them and get them enrolled by any means necessary. Are you using the NetWrix Password Manager software or some other self service tool? Have you come up with any other interesting ways of getting your user base enrolled? If so I’d love to hear your advice and experiences below.