It’s always staggering when we speak with our clients how many people are actually on their encryption team and how much time and effort they spend just trying to get things right. Are you any different? How many people are on your encryption administration team? How much time do they spend on user management?
Before I started working here at WinMagic, I had six people on my encryption team managing: 10,000 laptops and 20,000 users; whereby, 90 per cent of our time was spent on adding users and password resets. There was no way, one person could manage a workload like that. Boy how I wish I had a solution back then which could help make things easier. For example, one of the technologies that would’ve really helped was Pre-boot Network-based Authentication.
This type of authentication is like standard Pre-boot authentication except it’s more akin to having a bouncer at the door on steroids ensuring only the right people get in. Taking the authentication portion directly to the network (and verifying against Active Directory for current credential validation) vs. doing it locally on the PC where old credential settings may still apply.
Not only does Pre-boot network authentication give a greater level of security, it also offers huge cost savings. From a management perspective, it allows IT staff to free up their time to perform other duties that will add value to the organization, resulting in more efficient and effective employees.
So in a nutshell, pre-boot network authentication would deliver:
- HUGE costs savings through faster resolution of password reset and simple device staging – In a recent survey conducted by WinMagic and the Ponemon Institute, results showed the estimated time spent on something like password resets is 20 minutes per user. Pre-boot network-based authentication could reduce that to 5 minutes!
- Automated user provisioning – Again, making me, as an administrator very happy. My desktop team is also happy now that they don’t have to wait for someone from the encryption team to process a request to add a new user to a machine.
- No more “I’m locked out of my laptop” calls (for me, these always came in at midnight) because now users can just follow their standard process for password resets in AD via the Service Desk. The administrator in me is again, REALLY happy with this one (and so is my wife)! My users are also happy here because they don’t have to follow a separate process anymore.
The list could go on and on, but I have to get back to work.
If you’re reading this, you might be thinking to yourself, “There’s no way one person could deploy and manage my company’s encryption solution.” You might be right, but there are solutions out there that can help, solutions like PBConnex.