ROI Calculator for SAP NetWeaver Single Sign-On.pdf
9
How Much Do Passwords Cost? Discover the Value of SAP NetWeaver Single Sign-On SAP
Transcript of ROI Calculator for SAP NetWeaver Single Sign-On.pdf
How Much Do Passwords Cost?Discover the Value of SAP NetWeaver Single Sign-On
SAP
© 2012 SAP AG. All rights reserved. 2SAP NW Single Sign-On
Consequences of complex system landscapes
Organizations require far too many passwords, which leads to weakened security, unhappy end users, as well as increased cost of management and IT support.
Each application is secured by one password, which has to be renewed in regular intervals.
The effort for users and IT increases with each additional system.
ID 1a
ID 1b
Password a1x
2xPassword b
© 2012 SAP AG. All rights reserved. 3SAP NW Single Sign-On
Issue #1: Weak passwords
An Aberdeen research report identified the sheer number of password as the biggest security problem. On a typical work day, the average enterprise knowledge worker might be required to use as many as half a dozen passwords.The majority of organizations have taken several steps to strengthen the security of passwords, such as requirements regarding length and complexity, restrictions on reuse, or mandatory renewals. All of these measures enhance the security of passwords, but at the same time passwords become even more cumbersome. Complex, secure passwords are more difficult to hack, but also harder to remember. Natural coping mechanisms include writing passwords down (which weakens security) or calling the help desk (which increases costs).
11%
35%
36%
55%
58%
62%
71%
98%
User name and passwordand 2 other methods
User name and password
… with length requirements
… with complexity requirements
… with restrictions on re-use
… with non-dictionaryrequirements
… with mandatedpassword changes
User name and passwordand 1 other method
Source: The Many Faces of Single-Sign-On, Aberdeen, March 2008
Current password practices
© 2012 SAP AG. All rights reserved. 4SAP NW Single Sign-On
Issue #2: High costs of managing passwords
ID 1 Cost of managing a user ID
+ Help desk costs for handling end user identificationand authentication problems (i.e. passwords)
+ End user costs to change x number of passwords ytimes per years, including calls to help desk
Administrative costs to create, delete and change=
Most cost-related efforts of managing passwords are associated with the user IDs.
Create/delete operations occur once per user ID. Password changes occur multiple times for multiple people. Sooner or later all users need help desk support to unlock their user accounts.
© 2012 SAP AG. All rights reserved. 5SAP NW Single Sign-On
The costs? A summary…
End UserNumber of log-ons and time needed to log on to a required systemNumber of changes and time needed to change passwords per yearNon-productive time due to locked system accounts
Help DesksCosts of IT tickets for handling password problemsUser support by phone or mail to unlock system or user account
IT AdministrationCosts to create, delete, and change user accounts and passwordsCosts to monitor passwords and corporate security policy
Tangible Benefits
SAP NetWeaver Single Sign-On
© 2012 SAP AG. All rights reserved. 7SAP NW Single Sign-On
Lowering the number of logons
5The average user requires 5 or more
passwords to get access to all systems on a regular work day
Source: The Many Faces of Single-Sign-On, Aberdeen, March 2008
Benefit calculation Most Likely Conservative
Size of organization / # of active users 2.000 2.000
Average # of logons per workday (5 systems, 2 logons) 10 10
Average time to log on to a system (in seconds) 12 6
Average # of workdays per year 220 220
Cost rate per working hour (in €)* 25 25
Effort of multiple system logons (in €) 366.667 183.333
Expected improvement potential of SAP NetWeaver SSO (in %) 95% 90 %
Potential benefits (in €) 348.333 164.999
* Average cost per employee: 50.000 €, 2.000 working hours per year
Formula:Most likely: row1*row2*row3*row4/60/60*row5= result * row7/100 = end resultMost likely: 2000*10*12*220/60/60*25 = 366.667 * 0,95 = 348.334
© 2012 SAP AG. All rights reserved. 8SAP NW Single Sign-On
Lowering the number of password changes
4For security reasons
every password has to be changed at least four times a year.
Benefit calculation Most Likely Conservative
Size of organization / # of active users 2.000 2.000
Average # of systems used by an employee 5 5
Average # of passwords changes per year 4 4
Average time for one password change (in minutes) 2 1
Cost rate per working hour (in €)* 25 25
Effort of multiple password changes (in €) 33.334 16.667
Expected improvement potential of SAP NetWeaver SSO (in %) 75 % 75 %
Potential benefits (in €) 25.000 12.500
* Average cost per employee: 50.000 €, 2.000 working hours per year
Formula :Most likely: row1*row2*row3*row4/60*row5= result * row7/100 = end resultMost likely: 2000*5*4*2/60*25 = 33.334 * 0,75 = 25.000
© 2012 SAP AG. All rights reserved. 9SAP NW Single Sign-On
Lowering the number of password resets
15According to the Gartner Group, between 20% to
50% of all help desk calls are for password resets. The average help desk labor cost for a single
password reset isabout 15 €.
Benefit Calculation Most Likely Conservative
Size of Your Organization / Number of Users 2.000 2.000
Expected # of calls or ticket per user and year 10 10
Calls or tickets associated with password resets (in %) 20 15
Total # of calls or tickets associated with password resets 4.000 3.000
Average cost of a help desk call or ticket (in €)* 15 15
Effort of handling password resets (in €) 60.000 45.000
Expected improvement potential of SAP NetWeaver SSO (in %) 75 % 75 %
Potential benefits (in €) 45.000 33.750
*Source: Gartner IT Key Metrics Data, Summary Report, 2011
Formula: Most likely: row1*row2*row3/100= resultA * row5 = resultB * row7/100 = end resultMost likely: 2000*10*20/100 = 33.334 * 15 = 60.000 * 0,75 = 45.000
