1. 1 FastPassCorp, Jesper Oestergaard, Director Business Development, jo@fastpasscorp.com Self-Service Password Management Made easy Vivit Usergroup meeting: Chicago May 24, 2011 ”For your eyes only”

2. Agenda FastPassCorp Self-service The Password problem space The FastPass solution stack Some more nuggets Wrap-up

3. FastPassCorp A/S Founded as IT InterGroup in 2000: –Services in IT security Identity & Access Management –Sold to PriceWaterhouseCoopers June ’08 Now FastPassCorp: –Independant Software Vendor (ISV) FastPassCorp first to introduce AD based password reset, november 2004 –Selling through a network of partners Service Providers, Service Management vendors & Partners, Desktop deployment partners –Listed on Nasdaq OMX Copenhagen Exchange (First North) september 2007: [FASTPC]

4. Customer / partner examples FastPass installations in 13 countries

5. - and – we’re partner with HP in the Enterprise Management Alliance Program..

6. ”Gartner predicts that client self-service will account for 58 percent of all service interactions by 2010, due to their dramatic contribution to the reduction of cost of operating an IT environment” Self-service

7. Do you consider Self-service important and an area to focus? Self-service Do you have a Self-service strategy? What implications do you see and what are your main concerns?

8. In order to enable Self-service people need access Self-service A forgotten password leaves the user without access, so consider password self-service as part of your Self-service initiatives!

9. The Password Pain - Service Desk ( Aberdeen Group ) Calls to IT Service Desk - Gartner analysts says that 20-50% of all Service Desk calls are for password reset - Forrester suggests that the average cost for a single password reset could be as high as $100 - FastPassCorp research indicates anything from $25 - $147

10. The Password pain - user side - Forgotten or a lost password will leave the user un-productive – and frustrated! - Un-productivity can be extreemely costly – and so – a password reset needs severity 1 - So, what’s the price for a single password reset if the requirement basically is 24*7? The average time to resolve a forgotten password request will vary from 4 hours - 40% of industry norm companies takes <1 hour

11. The security issue For a start – lets look at the nature of the password! - Used for (secure!) Identification (authentication) of users - Supposed to be private – ”For your eyes only” - One of three Identification methodologies: ”something you know” ”something you have” ”something you are” Jane45#jacobs§99124%

12. The security issue - continued The password reset proces – a double sided who-is-who - If passwords are ”for your eyes only” – what about person in the Service Desk (or the outsourced Service Desk)? Fact: 60-80% of IT crimes are insiderjobs! - Secure Identification of the user calling, and a secure password handover proces is a demand to accomodate compliancy initiatives ( Sarbanes Oxley act, ISO 27001 etc.) Who is responsible??

13. FastPass Password Manager v3 Utilizes the existing Microsoft infrastructure (AD,ADAM/ADLDS) Secure identification of users (multi-authentication engine) Advanced notification services Access from anywhere (XP, Vista, Windows 7, Browsers (PC & mobile), Service Desk portals (Service Req. mgmt.) Scalable to large and complex environments incl. MSP’s SR/Incident forwarding to HP Service Manager Automated enrolment Services Enforces password policies Multi-system reset for other platforms/systems (SAP, AS/400, SQL, Generic connector etc.) Web-services (SOA) application Fast implementation (1-2 days on windows)

14. Secure identification Configurable Multi-factor authentifikation –Profile based, and the profile is determined dynamically. –Profile is based on attributes and status. Does the session come from a specific network (secure eller insecure). Is the user member of a specific group (Administrator or normal user) Has the user enrolled Does the user have a mobile phone –Personal questions (Challenge questions) –One-time pincode for the mobile phone

15. Easy enrollment Discovery Service –Collects users and groups –Is working almost like Hardware/Software Inventory solutions (Scanning, Collecting, Storing) Enrollment Service –Invites users to enroll into FastPass Password Manager –Enables high enrollment rate and can also be used to inform/remind about the presence –Scheduling of invitations –Operates on a time line where the ”offset” time can be a specific time or a time relative to the discovery of a user –Invitations can be sent by e-mail or SMS High enrollment percentage is necessary to win the productivity gains! New NAG screen in V 3.4!

16. Notification 16 Mail and/ or SMS notification at selected events to receivers Events examples –A password has been reset –A user has tried to enroll –A new user has been discovered Receivers (examples): –The user –The user’ manager –The administrator –The HelpDesk system

17. ”Simple Sign-on”: 1 user / 1 password for all systems Or selective reset per system if required!

18. FastPass Overview

19. Case: G4S Self-service portal

20. And integrated into Self-service portal

21. Self-service portal in Service Management solution

22. Demonstration

23. User Identification and Authentication 2.0 - Challenge / Response questions used by the Service Desk to identify users for other purposes More Nuggets..

24. Access card self-service pin code retreival

26. More Nuggets.. Are considering end-point encryption? FastPass introduces self-service for retreival of bios passwords (end-point encrypted devices) Supported systems: PGP & Checkpoint

27. What’s the value of Password Self-service? Wrap-up