I was on the phone yesterday with one of our star architects who was picking my brain about self-service scenarios on behalf of a customer. So, rather than send an e-mail I figured I would blog a response for everyone's benefit. A special hello/bonjour to my banking friends in Toronto who we're working with on this. My biggest regret when I moved from Ottawa to Seattle was giving up my Aerogold card! This one's for you...
Definition: Self-service is basically defined as empowering the end-user to accomplish IT-related tasks without the intervention of the helpdesk (hopefully). An end-user could be an employee, manager, contractor or customer.
Being a marketing guy I also have to break this feature into a "so what?", why would a customer pay for this?
Business Value: Self-service basically benefits a company in three ways: Reduced costs, improved productivity and improved security.
Reduced costs: Every task that an end-user can perform on their own is a task that the helpdesk doesn't have to do. The savings here can be direct or in-direct depending on whether or not your helpdesk is outsourced or not. When I was at Microsoft we had an outsourced helpdesk. Every call resulted in a charge. Every task that we could get an end-user to do, via self-service, resulted in a tangible savings. Companies that don't have an outsourced help desk can also reduce costs if they are willing to either "retire" helpdesk staff if volumes drop enough or move them to more valuable positions.
Improved productivity: Without self-service an end-user has to call the helpdesk. So you have the cost of that call plus the cost of having the end-user on the phone with the helpdesk versus doing their work. Eliminate the time on the call with the helpdesk and the end-user hopefully will be working. Typically, this is a soft cost which is a cost that's very hard to quantify to a CFO.
Improved security: One can make an argument that self-service scenarios can help to increase security by making it easier for a manager or application owner, for example, to revoke access without having to call the helpdesk. In other words, closing the window on a potential security threat faster.
Now that we have defined the topic, the business value and the benefits let's examine some of the supporting scenarios. I'm sure I won't get them all so if I miss something please send me an e-mail or comment so I can include. OK? Here we go...
Password Reset: This is probably the most valuable scenario of them all. You can probably read any analyst report and see figures that show anywhere from 45%-75% of all helpdesk calls are password related. And, guess what? They're true. I ask almost every customer I meet with how big of a problem it is and on average I would say most customers respond with ~50%. So, implement a password reset solution and re-deploy half of your helpdesk staff. (You define what re-deploy means.) This level of ROI is exactly why products like
Quest Password Manager are so popular.
Identity Update: Everyone should be familiar with this. Basically, it's a way that your end-users can update their own identity information. For example, mobile phone number, home address, etc. This is more than just the typical "white pages" application. It's white pages with some R/W access delegated to the end-user. Again, why does an end-user have to call IT or HR if they change their mobile phone number or their home address.
Entitlements: This is less familiar to most end-users. Basically, an end-user should be able to go to a web site and see a list of
things that he or she is entitled to. For example, access to the expense submission system, travel reservations, etc. Depending on their role in the company this list of
things would be context sensitive. If I were to get promoted to a management job perhaps I'd be entitled to sales reports, HR access and payroll information in addition to what I have as a regular end-user. Again, no reason to call IT for access plus you hopefully eliminate the dreaded wait of
x hours, days or weeks in getting the entitlement. As a stretch goal one would want the entitlement request to be workflow-enabled so the person's manager and perhaps others could easily "okay" the request via e-mail.
Reporting: Another great self-service option. If you need reports go to a web site and request the report. If you're not entitled to the report, see the last point as hopefully you have a web site to request that entitlement!
Attestation: Another ones that's a bit out there. In other words, there aren't a lot of products that do this yet. In this regulated world we managers every once in a while have to attest that our employees should have access to certain systems, applications or files. So, every month (or whatever) I should be able to both review what my people have as entitlements and attest that those are required. All of this would of course flow up the management chain so that we not only have regular entitlement reviews but those reviews actually turn into something that the CEO can sign off on for regulatory reasons. Also, the flip side is this will improve security. When was the last time you reviewed what your staff have access to? What you have access to? Do you even know?? Don't we all have friends at our company that used to work on an executive's staff and he or she still gets emails or still has access to files even though they left that department two years ago? My point exactly. (Don't get me wrong, I value those friends!)
In my opinion the password reset scenario is the one that offers the biggest and fastest ROI for a company. All of the other scenarios are excellent scenarios and absolutely should be pursued but their ROI tends to get softer - unless of course you have regulatory problems in which case reporting and attestation can be serious pain points.
I am also looking at ways for Quest to incorporate new technologies into the self-service mix. A good example is Microsoft's Speech Server product. I had a demo of our integration of Speech Server with Quest Password Manager last week and it was pretty cool. The main reason I pushed for it was for remote and traveling users. How do you get online to self-service reset your password if you are traveling? It can be difficult. By integrating with Speech Server you can sit in your hotel room, call up and talk it through your secret questions to get your password reset. Awesome.
In conclusion, I think that implementing self-service is on of the most valuable things any IT department can implement. Also, let's not forget the political reasons for implementing self-service:
- When you (IT) successfully implement self-service your end-users love it. Happy end-users talk about what a great job you've done. That's good.
- When you (IT) successfully implement self-service your managers - the guys that signed the check and, more importantly will be signing future checks - see a tangible result in happy users, reduced costs and fast ROI. Plus, it's something they can see with their own eyes versus projects that only make an administrator's life easier.
Let me know which scenarios I missed. I'm sure there's a few!
Technorati Tags:
identity management, passwords, Quest Software