PasswordCourier® Password Management

Self-Service Password Management Software

PasswordCourier, Courion's password management solution, enables organizations to deploy self-service password reset and synchronization across a wide variety of enterprise systems. PasswordCourier is the industry standard for secure, self-service password management, featuring multiple access options, robust service desk integration, and the ability to enforce consistent password policies on any system, application, or Web portal.

Addressing Password Challenges

Today's business environment is increasingly complex, with more pressure than ever before to reduce costs while at the same time increase user productivity and improve security levels. Password management solutions that simultaneously achieve all three of these objectives are rare.

Password resets are consistently found to be the number one source of service desk calls. Organizations that implement a strong self-service password management solution can achieve rapid ROI that is easily demonstrable by call volume reduction, improved service levels, and greater end user convenience and productivity. PasswordCourier customers have seen calls to the help desk fall by as much as 80%, or more.

Regulatory compliance initiatives and good security practices require strong password policies, such as longer, more complex passwords and more frequent password expiration. This, coupled with the burgeoning number of enterprise applications, makes it difficult for end users to remember more and more passwords. Since users may resort to insecure password practices (e.g., writing passwords down and failing to properly secure the written list), more and more organizations are turning to self-service solutions to enforce secure password policies and reduce potential user frustration.

Maximizing User Adoption

The success of any self-service password management initiative depends how many people use the solution. If end users can't or won't access the system, your organization will not see the cost, productivity and security benefits that are expected. PasswordCourier's multiple access options provide the ease of use, 24x7 availability, and flexibility to accommodate your business needs and user preferences. The options include web access, DIRECT!® desktop access, telephone, voice biometrics, secure kiosk, and service desk. The web access option can be easily adapted to reflect the look and feel of your organization's support portal, Intranet or web site, while multi-language support allows user interaction in a variety of non-English languages.

Infrastructure Investment Protection

Courion's enterprise architecture includes a scalable, multi-tier Connector Framework and dozens of password connectors covering major operating systems, networks, enterprise directories, mainframes, and enterprise applications. Customers who deploy PasswordCourier find they can seamlessly deliver self-service password management features to users quickly and easily, without introducing massive architectural changes that can disrupt their business.

Synchronization Options

PasswordCourier offers several flexible synchronization options under the umbrella of Selective Password Synchronization. This enables administrators to group together systems or applications that share similar requirements, and exclude platforms and applications that should not be synchronized. It also allows users to select accounts and passwords to be synchronized from a list. Once the systems to be synchronized have been selected, companies can implement either Active Password Synchronization or Transparent Password Synchronization. Active synchronization enables users to choose individual accounts to synchronize from a list, while transparent synchronization enables password changes to be propagated to all systems using native tools, providing many of the benefits of single sign-on without the added expense.

Enforcing Strong Policies

Password management solutions must support the ability to enforce strong policies. PasswordCourier enables organizations to centrally define and consistently enforce strong password policies to ensure compliance with corporate security guidelines and to maximize data security. Using PasswordCourier's policy engine, organizations can apply the widest variety of password rules to all systems and applications, selected groups of systems and applications (e.g. all UNIX systems, all OS/390 systems, all Web portals), or individual systems and applications. These include minimum/maximum password length, history and dictionary checking, required mixed case, and numeric or special character use as just a few examples of the wide variety of rules that can be put into effect.

Secure Management

Users create their own custom challenge/response question and answer pairs to ensure secure self-service authentication. PasswordCourier automatically captures the details of every password reset request in a secure database or services desk application. IT administrators and users are notified through emails and alerts when a password has been changed, to ensure no unauthorized modification has taken place. All data is transferred using secure encryption to protect the integrity of sensitive data including passwords. Sensitive data is stored using either encrypted or hashed formats.

• Provides multiple user access options for password reset
• Delivers comprehensive password synchronization options
• Enforces strong password policies
• Integrates password management with other service desk applications

• Increases end user productivity and satisfaction
• Results in help desk call reduction and cost savings
• Delivers improved service levels
• Enables demonstrable password policy compliance

• Datasheet: PasswordCourier
• Case Study: Associated Materials
• White Paper: PasswordCourier with Telephone Access
• Gartner Magic Quadrant for User Administration and Provisioning (2012)
• KuppingerCole Leadership Compass - Identity Provisioning (2012)