The SSPR Solution: A Quick Fix for Routine Requests

password reset image

Written by Jackie Bilodeau

I am the Communications Director for CGNET, having returned to CGNET in 2018 after a 10-year stint in the 1990's. I enjoy hiking, music, dance, photography, writing and travel. Read more about my work at CGNET here.

October 29, 2020

Since the start of the pandemic, IT staff has had to adapt to new challenges. Supporting end-users is no longer as simple as a quick trip to the user’s desk. With more people now than ever working from home, troubleshooting certain IT issues has become more complicated. Password resets are one of the most common support requests for both on-premises and remote end-users. Although not necessarily complicated, they take up staff time. Therefore, implementing a self-service password reset (SSPR) solution can be a useful and simple remedy to lessen the burden on your IT department. Another way to put it: Give your end-users the ability to take care of themselves when it comes to the easy stuff.


IT staff stretched thin


Earlier this year, IT staff were assigned the task of providing remote access to resources almost overnight. The magnitude of that assignment was likely overwhelming, particularly at larger organizations and for those that had to temporarily close their doors almost overnight. And of course, IT’s job didn’t end there: Now they were responsible for supporting end-users who were suddenly reliant on home Internet connectivity to do their jobs. (And in many cases, also on personal devices to connect to their organization’s resources.)

In addition, many IT departments have seen both staff cutbacks and increased duties as organizations continue to feel the impacts of COVID-19. Because of all that, IT staff have had to set new priorities, including:

  • Minimizing high volume calls to the IT service desk
  • Projects that optimize efficiency quickly

SSPR solutions hit both marks, and can lead to quick results in lowering the overall support burden on IT staff. After all, self-service — by its very name — implies that end-users will have the ability to take care of themselves. Locked accounts, expired passwords, and password changes in general, can all be handled by an easy-to-implement SSPR solution. And the results should be immediate.


Time is money! 


Think about it:  If you can relieve IT from these calls, not only can your staff devote more of their time to other issues, but you also reduce costs.

According to analyst firms the Gartner Group and Forrester Research, between 20%-50% of help desk calls are related to password resets, and a single password reset call can cost about $70. Put that into perspective: If a service desk manages 200 calls a month, potentially 100 of those calls are password-related. Easy math tells you that’s $7000 in support costs per month, just for simple password issues!

Save your organization thousands of dollars each month – if not tens of thousands, if you work for a larger organization –  and free up IT staff, by implementing a self-service password reset solution. And although harder to quantify, end-user productivity will certainly be improved if users are given the ability to quickly remedy some of their own simple issues. Password resets, account unlocks, and password changes can all be cleared up in an automated way, even from home.


How SSPR works


With SSPR, end-users enroll in the system and provide information that can later be used to verify their identity when the need arises to unlock their account or reset their password. Common SSPR identity verification methods include security questions and one-time passcodes delivered over text or email.

For example, users will enroll into the system with answers to predetermined questions or with their mobile or email address. Before being able to perform account-related actions, they will have to identify themselves using whichever verification method they set up. This allows a fully automated approach without IT staff interaction. And end-users get a resolution to their issue almost immediately.   It’s a win-win.


Which SSPR solution is right for you?


Not all SSPR solutions are created equal.  A large part of the success of an SSPR implementation depends on the features and functionality of the solution itself.

You should look for some of these essential features:

  • Enrollment specific features– pre-enrollment, admin enrollment, and forced enrollment options.
  • Usability– ability to access and utilize the solution easily from multiple entry points (login screen, Internet, apps, etc.)
  • Ability to use existing multifactor authentication (MFA) tools– in other words, it supports existing forms of authentication that users already use to access other applications at work.

For an SSPR solution in your organization to be truly – and quickly — successful, it’s important to have 100% enrollment compliance. As such, the solution needs to either remove the enrollment process from end-users or make the enrollment process mandatory.

A full-featured SSPR solution generally provides the following benefits to your organization:

  • Fast implementation – easy to implement and provide a small footprint from an infrastructure perspective.
  • Measurable cost savings – as mentioned before, statistically speaking, SSPR solutions could potentially cut service desk calls by up to 50%.
  • Higher quality end-user experience – an intuitive web-based interface means end users can resolve their problems immediately, without waiting for tech support help.
  • Increased security – IT service desk user verification is often non-existent or highly insecure, particularly in large organizations. SSPR fills this gap by ensuring users are whom they say they are before performing a password reset.


SSPR software to take a look at


There are a number of companies producing self-service password reset solutions right now.  The website provides a comprehensive list of SSPR offerings with descriptions and reviews. According to their scoring methodology, the top-rated solutions are:

  • Microsoft Azure Active Directory
  • SailPoint Identity Now
  • Oracle Identity Management
  • Avatier Identity Anywhere
  • ManageEngine ADSelfservices Plus
  • IBM Security Verify

Take a look at these reviews and find the solution that is the best fit for your organization.

Written by Jackie Bilodeau

I am the Communications Director for CGNET, having returned to CGNET in 2018 after a 10-year stint in the 1990's. I enjoy hiking, music, dance, photography, writing and travel. Read more about my work at CGNET here.

You May Also Like…

You May Also Like…


Translate »
Share This