If users have to remember more than three passwords, they often start writing them down, according to Novell Canada’s chief technology and chief information officer, Ross Chevalier.
At Bridgepoint Health, a typical user had to remember three to four passwords. Some had to remember as many as 10. In order to simplify access to applications and information systems, the health-care provider decided to implement a portal through which employees could access the 30 or so systems and applications they needed.
The company built its system on Novell exteNd, Novell eDirectory, Novell Identity Manager, Novell iChain and Novell SecureLogin. Although it looked at other portal solutions, Bridgepoint went with Novell because it was already a Novell customer and had seen Novell in action at other health-care organizations, Marc Lamoureux, director of information systems for Bridgepoint Health in Toronto said Thursday.
The most challenging aspect of the project, he said, was figuring out how to design the portal so that employees could easily navigate it.
“We learned that the design and language had to be as straightforward as possible,” he said. Bridgepoint tried as much as possible to reduce the amount of clutter in the portal.
It identified five different kinds of roles that employees had and created interfaces specifically for those roles so that the amount of superfluous icons in the portal could be reduced. For the executive group, which needed access to many different tools, it created tabbed views, similar to tabbed browsing in Firefox.
“The executive group had to have a high-level view of overall activity and detailed views,” Lamoureux said. Since the executives have different needs at different times, and can take on different roles, Bridgepoint created a couple of different pages views for their different roles. There are, for example, pages dedicated to strategic issues, operational issues and governance issues.
Bridgepoint will strive to keep the content in the portal fresh, he said.
It will also eventually move from roles-based identification management to personal ID management, giving employees access only to what they need specifically to perform their jobs.
“One of the major challenges is putting the HR system at the front of that,” he said. “This is complicated, but we’ve seen it work. We know it can work, it’ll just take time to map out the complexities.” When an employee or contractor comes on board, a series of workflow components will be initiated to give that employee or contractor access to necessary systems.
For now, the portal giving employees single sign-on capabilities has reduced the number of helpdesk calls by about 75 to 80 per cent and employees are reacting “extremely positively” to the new system. “It’s helped us with training and orientation as well. Most people are familiar with Web browsing now, so it’s helped.”
The technology involved in implementing such portals is quite simple, said Novell’s Markham, Ont.-based Chevalier. The difficult part is the process mapping and planning — understanding what the business processes are, he says.
“You fit the technology to the requirements of the user community rather than fitting the community to the technology.”
The most common mistakes companies make when it comes to ID management is thinking of technology as a panacea to all of their problems, he said.
“The biggest risk in every case is assuming that any piece of software from any vendor is going to be the Holy Grail.” But each organization is unique and each has a user community with its own needs. The users need to be consulted when mapping out a solution, he said.
ID management systems “maintain the infrastructure but shields the user from the complexity” of the underlying systems, he said. They not only allow users to focus on doing their job, but they also allow IT to focus on ways of bringing the business forward rather than on mundane tasks such as fielding help desk calls.
Before implementing the portal, users not only had to remember a number of passwords, but they had to remember where to find the various applications and data sources, Lamoureux said. Were they on the desktop, in the startup menu or on the Web browser?