Airplane maker reduces password reset pleas

An aircraft manufacturer says password management software has helped quell its support desk pains.

The help desk at Wichita, Kan.-based Cessna Aircraft Co. was handling more than 44,000 password reset calls a year, according to Lisa Quinn, the firm’s acting manager of support desk.

Quinn said Cessna requires its employees to change their passwords every 60 days. Frequent changes, coupled with having to remember passwords to sign into the Windows domain, mainframe and Unix systems, the company intranet and timekeeping systems, aggravated the password-forgetting problem.

“We would get quite a few (calls) a day from people locked out of their systems. We had one person dedicated full time to reset passwords at the help desk,” Quinn said. “When you’re dealing with list of some eight passwords, and you don’t get into some of those systems on a regular basis, and security tells you not to write your passwords down, it’s easy to forget.”

To deal with these challenges, Cessna opted for P-Synch, a Web-based password management solution, for which Cessna’s parent company, Providence, R.I.-based multi-industry firm Textron Inc., had already purchased a licence. Cessna was the first Textron division to roll out P-Synch, according to Robert Miller, vice-president of marketing for Calgary-based M-Tech, which makes the software.

P-Synch, one of the products in M-Tech’s ID-Synch integrated identity management suite, has a password synchronization feature that applies password changes to every account users have, rather than just one, thereby allowing the user to remember a single, slightly more complicated password instead of a long list of weaker ones.

With self-service password reset, users who forget their passwords, or accidentally lock themselves out are authenticated by answering personal questions, by entering a security token pass code or using voice print verification. The number of personal questions to be answered can vary according to the company’s security policy, Miller said. Once authenticated, users can reset their own passwords and unlock their accounts.

P-Synch also provides a transparent way of prompting password changes, Quinn said. “When a user signs onto Windows and the password is about to expire, it asks, ‘Do you want to change it now?’ The user says ‘yes’ and changes it there, and the information is passed to P-Sync which synchronizes it (with the other passwords).”

The other option is for users to access P-Synch from the intranet page and force a password change. “But we try to make this as seamless as possible for users who are used to changing their domain password. It magically takes care of everything else.”

P-Synch was deployed across the Cessna enterprise on over 20 different target systems in a phased rollout by department. “We used to do avalanche rollouts where (we would) turn the light switch on in the whole company. But bringing (P-Synch) out in sections kept the cost, overhead and time down, and it proved that we could successfully roll something out in stages,” Quinn said.

The rollout, which took about 60 days, was “pretty smooth” from a technical perspective, she said, adding that the biggest obstacle was getting some employees to adopt the technology. “We had some people who didn’t want to use it, like things the way they are and don’t deal well with change,” she said, adding that it took a while for some people to remember the new, more stringent password rules: exactly eight characters and mixed case.

Training a few people and sending them back to their co-workers to “spread the word” about the new system, and following up with people who didn’t answer their verification questions over the phone or a letter, made it easier for employees to get onboard, she said.

“When you change the rules, everyone has a challenge with that. But compared to other things, like implementing an HR management system, it’s been skip in the park,” said Quinn.

Like many companies, Cessna has downsized in the past year, and now has fewer support people to deal with help desk calls. “But we are still able to handle it all, because we are now dealing with fewer calls. And our customers are not feeling any more pain for that.”

The reduction in help desk calls was most apparent after the two-week manufacturing plant shut-down over the winter holidays. “The first week back is usually a nightmare,” said Quinn. “Traditionally we’d bring in additional people (from other departments) and have extended hours. But this year we didn’t have that.”

Miller recommended password management as the first step in an identity management implementation. “It solves an immediate problem, and you derive great ROI from it right away. It can free up resources and help get people back to work instead of them sitting around and waiting to get into the system.”

Related Download
Virtualization: For Victory Over IT Complexity Sponsor: HPE
Virtualization: For Victory Over IT Complexity
Download this white paper to learn how to effectively deploy virtualization and create your own high-performance infrastructures
Register Now