Presentation on theme: "1 Password Reset Effortless, Self service User Password Reset."— Presentation transcript:
1 Password Reset Effortless, Self service User Password Reset
2 Internationally renowned IBM i solutions provider since 1983 Product lines: iSecurity Infrastructure Security iSecurity Application Security System tools: file editor, performance tuning Products installed in over 40 countries, more than 12,000 licenses Worldwide distribution network IBM Advanced Business Partner: QRadar and Tivoli Partnerships and product integration with major global security (SIEM & DAM) providers such as Imperva and McAfee and also: HP (ArcSight & Openview) CA UniCenter RSA enVision GFI, Juniper, Splunk, NNT and others About Raz-Lee Security
3 iSecurity Products Overview Evaluation Compliance Evaluator for SOX, PCI, HIPAA… Visualizer- BI for security Syslog, SNMP for SIEM Auditing Audit QAUDJRN, Status… Real-time Actions, CL scripts Capture screen activity User & Sysval Replication Compliance: Users, Native, IFS PW Reset & User Provisioning Change/PTF Tracker Protection Firewall FTP, ODBC,… access Obtain Authority on Demand Monitor CL Commands Native Object Security Anti-Virus protection Central Admin of LPARs Databases DB-Gate: SQL to non-DB2 DBs (Oracle, MS SQL,…) AP-Journal for DB audit, filter, archive, real-time alerts View/hide sensitive data FileScope secured file editor Security Assessment FREE! PCI, HIPAA, SOX… Security Breach Management Decision
4 Password Reset- Features Summary Web & Green Screen interface User identify verification based upon Class (Manager, Agent, Help Desk) Supports assistance from Help Desk without compromising security Supports importing corporate HR files to pre-populate user identity info Supports multi-lingual and user-defined questions Full audit trail and reporting Integrates with other iSecurity products: User Management, Replication, Provisioning, Central Administration, Report Generator & Scheduler
5 Password Reset- A Self-Service, Reliable Solution Simple to use and administrate: Web and Green screen user interface Green screen administration Adjustable per the class (i.e. sensitivity) of the user. Ensures that the user is who they say they are, prior to disclosing the personally entered questions. Allow Help Desk to easily assist users without compromising security or efficiency of procedures Enable the enterprise to “introduce” the product to the organization with minimum overhead: Uses existing HR data files Auto request for entering personal questions Full Report Generator
6 Guidelines Users are classified by “Classes” (manager, programmer, agent); each class can have different verification rules 3-Step Process: Initial Identification: Use HR info to verify the user is who they say they are (periodic changes to the process are recommended) Verify the user has access to their e-mail User defines personal questions Type and number of Verification rules is controlled per Class: By Email, By Text Message to their cell phone Number of verification types can be Either, Both or None Questions & Answers are personal and displayed only after verification. Standard questions are provided.
7 Password Issuing and User Enabling Passwords can be: Displayed on the screen Sent by e-mail Password Issuing/User Enabling: If user wishes - Just enable the user (retains the same password) New password is generated Password has to be entered within a specified period of time Once entered, it must be replaced Auditing Usage; Email to administrator Message to MSGQ Product log. Processed by iSecurity Report Generator & Scheduler, results as e-mail with HTML, CSV, PDF attachments, screen, print, output file, etc.
Password Reset Workflow: User Registers Once with Personal Question Self Authentication Help Desk Sign on with FORGOT PASSWORD Answer Personal Questions Receive email with Validation Code Enter Validation Code Enter Temporary Password and assignment of new password Receive email with Temporary Password Sign on with new password Forgot Password?
9 Additional Product Features Reason for password reset process rejection is hidden from the user. Instead, user is referred to the Help Desk with a Reason ID The user profile and the password are never sent in the same Email Support for pre-loading user file with corporate HR data. Product can restrict the personal Email to the corporate domain First time entering of personal questions can be requested automatically at signon Questions appear if there are no questions at present Questions appear only during certified Help Desk hours Product controls the number of users who can signon during a set period to avoid possible Help Desk overload Multi-lingual - support for up to 10 languages simultaneously
10 Password Reset: Integration within iSecurity Suite User Replication User Provisioning Help Desk Support Central Administration Road map: Multi System support