Why AD360
 
Solutions
 
Resources
 
 

Here's is how much the lack of SSPR can cost you

Sachin Raaghav

Apr 206 min read

Book Demo

Table of Content

Read more
  • 5 pain points you can overcome in AD user account management  
    Manual vs. automated identity life cycle management  
    Active Directory clean-up: Should you automate it?  
  • Maintain confidentiality of critical information by implementing the POLP  
    6 essential capabilities of a modern UBA solution  
    How can SSO help in reinforcing password security?  
  • Authentication vs. authorization  
    5 simple steps to HIPAA compliance  
    Smart strategies to provision and de-provision Active Directory  

What is SSPR?

Self-service password reset (SSPR) is a technology or process through which a user who has forgotten their password or been locked out of their systems can authenticate themselves with their chosen alternate factor and reset their password without any assistance from the help desk.

How SSPR works

Enterprise SSO is an authentication solution that allows end users to securely access multiple applications and websites using a single set of credentials. Enterprise SSO works as an intermediary between identity providers and service providers.

SSPR works using four simple steps. These steps provide a quick resolution to a user's woes and grant them access to their systems and applications without having to wait on the help desk. This is how SSPR works in an organization:

  • Verify the user: The first step for an SSPR system once it receives a password change request is to verify the user who put in the request. This is done by requiring the user to input either the username or the email associated with the account. This is used to confirm the account associated with the password reset request.
  • Authenticate the user: After confirming the account, the system authenticates the user before changing the password. This is done via a preconfigured workflow that uses either a multi-step authentication process or a more secure multi-factor authentication (MFA) process. The end user must authenticate themselves using any of the options provided to move to the next step.
  • Reset the user's password: After the authentication process, the end user can change their password. The password has to comply with the root password policy in Active Directory or with a more complex policy enforced by the administrator as allowed by the SSPR solution.
  • Notify the user of the change: Once the reset is completed, the end user is immediately notified of the change. Change notifications are usually sent to the registered email or phone number. This helps the end user quickly report the change in case it was made by someone else.

How much does a password reset ticket cost your organization?

A study by Gartner revealed that 20-50% of all service desk calls are for performing password resets. Forrester Research found that the average help desk labor cost for a single password reset is $70 or more. We can easily use these two statistics to calculate approximately how much money your firm loses due to a lack of SSPR.

Let us assume your organization receives around 600 tickets a month. With that number, we can calculate that the number of IT help desk tickets you receive in a year is approximately 7,200.

According to Gartner, 20-50% of all service desk calls are for password resets. Taking the average value, let us say that 35% of the tickets your firm receives are password reset requests. That means the number of password reset requests your firm receives in a year is 35% of 7,200, which is 2,520.

Data from Forrester Research says that the average help desk labor cost for a single password reset is $70 or more. The annual cost your organization incurs due to a lack of SSPR equals the yearly number of password reset requests multiplied by the cost to resolve a single ticket, which is 2,520 тип $70 = $176,400.

The actual values for the number of tickets, the percentage of password reset tickets, and the cost of resolving a single password reset ticket may vary from organization to organization. What you see above is just an example used to demonstrate the high costs organizations incur due to a lack of SSPR.

Be mindful that this calculation does not cover the costs incurred due to the decrease in productivity caused by employees being unable to access applications and resources to get their work done.

This simple example illustrates how organizations can save hundreds of thousands of dollars every year by handing over the power of resetting passwords to their end users. The SSPR process is also much more secure than the manual, outdated process and it helps end users stay on top of their game at all times.

SSPR is an essential tool in today's corporate ecosystem, ensuring a secure way for users to reset their passwords in a few clicks without having to compromise on their productivity.