America's fourth-largest savings bank deployed Avatier to strengthen password security and reduce help desk costs, achieving full ROI in just six months.
ING DIRECT is the United States’ fourth-largest savings bank and its largest online bank. The Company’s model is to maintain a very high level of operational efficiency in order to provide better offers to its customers. Because security is extremely important to the bank and its customers, ING DIRECT was looking for a way to institute stricter password policies without increasing the help desk workload. Most importantly, they needed the current help desk to be able to scale to meet the demands of a number of IT initiatives. Password reset was a low-level function that took up a tremendous amount of help desk staff time because of sheer volume. The IT team, led by Robert Weaver, Head of IT Security, ING DIRECT, knew they needed a self-service password management solution that would be easily accessible to end-users, simple to use, secure, and cost-effective. To comply with Sarbanes-Oxley (SOX) regulations, all of HMA’s passwords needed to be managed under a single system to provide synchronization across systems and directories. The challenge was that the corporate headquarters uses Novell eDirectory, while the rest of the company uses Active Directory — with many subsidiaries having separate directories. John Rodriguez, Applications Manager, needed to find a solution that would synchronize passwords and provide a paper trail of the changes in case the company was audited for SOX compliance. “The system we had in place was very cumbersome and there was no way to connect all the different directories as changes were made. In order to obtain SOX compliance, we really needed to be able to prove that a password that was changed in Active Directory would be automatically changed in eDirectory.”
ING DIRECT realized its return on investment with Avatier's Password Management within six months.
After an extensive evaluation in which ING DIRECT looked at a number of competitive solutions, ING DIRECT chose Avatier’s Password Management for several reasons. First, because Password Station has a very simple user interface that is available by phone or the web, they knew end-users would find it extremely easy to use and accessible. Second, the solution fit in well with their current Microsoft Active Directory environment. Third, the hacking algorithms innate in the Password Management system meant that the solution passed the security sniff test and would be impossible to hack. And last but not least, they felt that Avatier transformed the Password Management market while providing first class support which fit in well with their corporate mission to keep operational costs low. “ING DIRECT realized its return on investment with Avatier’s Password Management within six months. Now that it is widely deployed and accepted within the company ING saves more each month than it originally invested in the software. That kind of ROI really just passes on directly to our customers,” said Weaver.