1 password reset effortless, self service user password reset

26
1 Password Reset Effortless, Self service User Password Reset

Upload: helena-joseph

Post on 22-Dec-2015

274 views

Category:

Documents


5 download

TRANSCRIPT

Page 1: 1 Password Reset Effortless, Self service User Password Reset

1

Password Reset

Effortless, Self service User Password Reset

Page 2: 1 Password Reset Effortless, Self service User Password Reset

2

• Internationally renowned IBM i solutions provider since 1983

• Product lines:• iSecurity Infrastructure Security• iSecurity Application Security• System tools: file editor, performance tuning

• Products installed in over 40 countries, more than 12,000 licenses• Worldwide distribution network• IBM Advanced Business Partner: QRadar and Tivoli• Partnerships and product integration with major global security (SIEM

& DAM) providers such as Imperva and McAfee and also: • HP (ArcSight & Openview)• CA UniCenter• RSA enVision• GFI, Juniper, Splunk, NNT and others

About Raz-Lee Security

Page 3: 1 Password Reset Effortless, Self service User Password Reset

3

iSecurity Products Overview

EvaluationEvaluation

Compliance Evaluator

for SOX, PCI, HIPAA…

Visualizer- BI for

security

Syslog, SNMP for SIEM

AuditingAuditing • Audit QAUDJRN, Status…• Real-time Actions, CL scripts• Capture screen activity • User & Sysval Replication• Compliance: Users, Native, IFS• PW Reset & User Provisioning• Change/PTF Tracker

ProtectionProtection • Firewall FTP, ODBC,… access• Obtain Authority on Demand• Monitor CL Commands • Native Object Security• Anti-Virus protection• Central Admin of LPARs

DatabasesDatabases • DB-Gate: SQL to non-DB2 DBs (Oracle, MS SQL,…)

• AP-Journal for DB audit, filter, archive, real-time alerts

• View/hide sensitive data • FileScope secured file editor

SecurityAssessment

FREE!

PCI, HIPAA, SOX…

Security Breach

Management Decision

Page 4: 1 Password Reset Effortless, Self service User Password Reset

4

Password Reset- Features Summary

• Web & Green Screen interface

• User identify verification based upon Class (Manager, Agent, Help Desk)

• Supports assistance from Help Desk without compromising security

• Supports importing corporate HR files to pre-populate user identity info

• Supports multi-lingual and user-defined questions

• Full audit trail and reporting

• Integrates with other iSecurity products: User Management, Replication, Provisioning, Central Administration, Report Generator & Scheduler

Page 5: 1 Password Reset Effortless, Self service User Password Reset

5

Password Reset- A Self-Service, Reliable Solution

• Simple to use and administrate:• Web and Green screen user interface• Green screen administration

• Adjustable per the class (i.e. sensitivity) of the user. Ensures that the user is who they say they are, prior to disclosing the personally entered questions.

• Allow Help Desk to easily assist users without compromising security or efficiency of procedures

• Enable the enterprise to “introduce” the product to the organization with minimum overhead:

• Uses existing HR data files• Auto request for entering personal questions

• Full Report Generator

Page 6: 1 Password Reset Effortless, Self service User Password Reset

6

Guidelines

• Users are classified by “Classes” (manager, programmer, agent); each class can have different verification rules

• 3-Step Process:• Initial Identification: Use HR info to verify the user is who they say they are

(periodic changes to the process are recommended)• Verify the user has access to their e-mail• User defines personal questions

• Type and number of Verification rules is controlled per Class:• By Email, By Text Message to their cell phone• Number of verification types can be Either, Both or None

• Questions & Answers are personal and displayed only after verification. Standard questions are provided.

Page 7: 1 Password Reset Effortless, Self service User Password Reset

7

Password Issuing and User Enabling

• Passwords can be:• Displayed on the screen• Sent by e-mail

• Password Issuing/User Enabling:• If user wishes - Just enable the user (retains the same password) • New password is generated • Password has to be entered within a specified period of time• Once entered, it must be replaced

• Auditing Usage;• Email to administrator• Message to MSGQ• Product log. Processed by iSecurity Report Generator & Scheduler,

results as e-mail with HTML, CSV, PDF attachments, screen, print, output file, etc.

Page 8: 1 Password Reset Effortless, Self service User Password Reset

Password Reset Workflow:User Registers Once with Personal Question

Self Authentication

Help Desk

Sign on withFORGOT PASSWORD

Answer Personal Questions

Receive email with Validation Code

Enter Validation Code

Enter Temporary Password and assignment of new password

Receive email with Temporary Password

Sign on with new password

Forgot Password?

Page 9: 1 Password Reset Effortless, Self service User Password Reset

9

Additional Product Features

• Reason for password reset process rejection is hidden from the user. Instead, user is referred to the Help Desk with a Reason ID

• The user profile and the password are never sent in the same Email

• Support for pre-loading user file with corporate HR data. Product can restrict the personal Email to the corporate domain

• First time entering of personal questions can be requested automatically at signon

• Questions appear if there are no questions at present• Questions appear only during certified Help Desk hours• Product controls the number of users who can signon during a set period to

avoid possible Help Desk overload

• Multi-lingual - support for up to 10 languages simultaneously

Page 10: 1 Password Reset Effortless, Self service User Password Reset

10

Password Reset: Integration within iSecurity Suite

• User Replication

• User Provisioning

• Help Desk Support

• Central Administration

• Road map:• Multi System support

Page 11: 1 Password Reset Effortless, Self service User Password Reset

11

Password Reset Main Menu

Page 12: 1 Password Reset Effortless, Self service User Password Reset

12

Password Reset Main Menu

Page 13: 1 Password Reset Effortless, Self service User Password Reset

13

Using Password: Personal Details Screen

Page 14: 1 Password Reset Effortless, Self service User Password Reset

14

Password Reset Class Definition

Page 15: 1 Password Reset Effortless, Self service User Password Reset

15

Identifying the User

Page 16: 1 Password Reset Effortless, Self service User Password Reset

16

Successful Identification Verification Code Sent

Page 17: 1 Password Reset Effortless, Self service User Password Reset

17

Verification Code from E-Mail

Page 18: 1 Password Reset Effortless, Self service User Password Reset

18

Personal Questions & Answers

Page 19: 1 Password Reset Effortless, Self service User Password Reset

19

Reset Password with Temporary Password

Page 20: 1 Password Reset Effortless, Self service User Password Reset

20

Temporary Password Sent

Page 21: 1 Password Reset Effortless, Self service User Password Reset

21

Temporary Password Received

Page 22: 1 Password Reset Effortless, Self service User Password Reset

22

Must Define New Password

Page 23: 1 Password Reset Effortless, Self service User Password Reset

23

Change Password

Page 24: 1 Password Reset Effortless, Self service User Password Reset

24

Password Reset Web Interface

Page 25: 1 Password Reset Effortless, Self service User Password Reset

25

Web Interface: Enter Verification Code from e-mail

Page 26: 1 Password Reset Effortless, Self service User Password Reset

26

Thank You!

Please visit us at

[email protected]