- Research confirms enterprise single sign-on (ESSO) technology slashes helpdesk burden through automating the log-in process to multiple applications
- Concern raised for business security, only 11 percent of organisations practising ESSO use strong authentication
London, UK— Over 60 percent of companies that have implemented enterprise single sign-on (ESSO) technology have seen a reduction in calls to the IT helpdesk according to independent research carried out by Winmark and launched today by RSA Security, the expert in protecting online identities and digital assets.
On average, an organisation in the UK will log 1,924 helpdesk calls each week¹, each at an estimated cost of $25 - $50 cost per call 2. With analyst group Gartner reporting up to 30% of all helpdesk incidents request password resets 3, password management represents up to $1.5m (£800,000) of IT operations per UK company per year.
Tim Pickard, Area VP of International Marketing, RSA Security, commented: “Password resets continue to demand considerable IT resource which is purely a cost sink for UK businesses. Our research shows that reducing the number of passwords users are required to remember can reduce helpdesk calls and minimise the cost of managing the IT helpdesk.”
ESSO technology allows users to gain access to all authorised applications automatically through a single logon process, for example by entering a username and password or through a username and physical two-factor authentication device, without having to prove their identity for each application. This in turn reduces the number of calls to the helpdesk to reset user logon details, as users only need to remember one logon.
The research data also reveals that awareness and understanding of ESSO technology in the market is low. Half of the IT decision makers surveyed in the UK do not have a good understanding of ESSO technology and therefore are not realising the cost benefits of the technology to their organisation. However, the research indicates that despite poor overall awareness, adoption is relatively high, with 24% of UK businesses currently utilising an ESSO system.
Pickard continued: ”Interestingly this research shows that the primary drivers for UK businesses to deploy ESSO technology are cost savings, ease of use and increased security for remote workers. In today’s economy where the IT department has to do more with less, implementing ESSO can significantly reduce the helpdesk burden by cutting password resets. This alone limits sunk IT operations costs and frees up budget for revenue generating IT projects. The lack of awareness regarding the potential savings through using ESSO solutions is both surprising and disappointing.”
Enterprise single Sign-On, a security risk?
The findings clearly demonstrate the potential and perceived benefits of ESSO technology; however the research also raises concerns for the security of businesses using it in isolation. A lthough UK businesses that have deployed ESSO solutions are realising significant cost savings, experts are concerned that security is not front of mind for IT decision makers. Only one in ten companies implementing ESSO use it in conjunction with strong authentication. Even more alarming is that 40 percent of those surveyed plan to implement within the next two years but only a quarter plans to use it in conjunction with strong authentication.
Strong (or two factor) authentication involves the use of a remembered PIN in combination with additional authentication technology to positively identify users before they are allowed access to company systems. The research shows that the most commonly deployed strong authentication technology is the time-synchronous hardware token, followed by smart cards.
Pickard commented: “The benefits of users being able to access all applications with a single log-in reduces the complexity of user logon and password management for IT administrators. However, businesses also need to be mindful of the security implications. When implementing ESSO technology companies need to ensure that strong authentication is in place to verify who the user is without the fear of compromise.”
RSA® Sign-on Manager is the only solution that joins ESSO, self-service emergency access and strong authentication for Microsoft â Windows â desktops and networks. The software assists enterprises in bolstering compliance by helping to reduce the causes of unsafe behaviours that develop when users are forced to manage a plethora of passwords.
