Solution to make it easier for Unimed Curitiba users to unblock their network password via intranet

CLIENT
Unimed Curitiba
 
AREA
Health Care
 
PROBLEM
High number of open tickets for attendance and overload of the IT department of Unimed Curitiba for low complexity problems, such as unblocking the password for users to access the network.
 
SOLUTION
Agile and secure way to unblock passwords performed by the user through the intranet. With this solution, the user will unblock his password in a few minutes, just having a computer with access to the network. There is no need to open a ticket for IT support.
 
RESULTS
Twenty service units and approximately 1,400 employees from the commercial, administrative, and service areas in Curitiba and the region benefited.
 
TECHNOLOGY
The technologies used for this project were Active Directory (LDAP) integration via Java language (JEE, currently Jakarta EE), Windows Server operating system, HTML5, CSS3, JavaScript, Apache Tomcat, XML, JSP, Ajax, JQuery and Oracle databases.
     
Visionnaire - Unimed Curitiba - Password Reset
   
Detailed problem:
Unimed Curitiba is a medical work cooperative founded on August 6, 1971 and currently, with 49 years of existence, it has more than 4,500 cooperative doctors and almost 600,000 customers, holding about 60% of the health insurance market in Curitiba and Metropolitan Area. With 20 service units, it has the largest service network and accredited services in the capital. It is the largest health cooperative in the state, also among the five largest in the Unimed System.
 
There was a problem related to the difficulty and bureaucracy for unblocking the password of users who, for some specific reason, forgot or lost their password, being unable to access the company's network and intranet system. The high number of open tickets for attendance and overload of the Information Technology (IT) department of Unimed Curitiba for low complexity problems was the key point of the project.
 
Detailed solution:
Visionnaire developed the solution presented to the user through an HTML page on the intranet, a process for unblocking the password of Unimed Curitiba network users, considerably reducing the amount of open tickets for IT service.
 
The process begins with the registration of three open security questions, enabling the password change request. Most users will have access to the process to change the password of other users, with only a few exceptions, due to the specific needs of Unimed Curitiba.
 
Unblocking passwords is an activity that can be performed by the user himself via the intranet in an agile and secure way. With this practice, the user will unblock his password in a few minutes, just having a computer with access to the network. There is no need to open a ticket for IT support.
 
It is necessary for the user to register a question and answer questionnaire that will be asked when unblocking the password. The intranet issues a frequent alert asking the person to set up questions and answers. It is also possible to access the question and answer questionnaire through the side menu of the intranet.
 
The user can unblock his password from any computer connected to the Unimed Curitiba network, using the intranet, and informing date of birth and other personal information. The data are validated in the employee's registration. Soon the questionnaire of questions and answers previously registered appears.
 
Once the data has been validated, the new password will be displayed on the intranet page and must be changed at the first network login. If the registered data are not validated, the following information will be presented: “Note: The password of supervisors, managers, superintendents and directors that is unblocked by this process will be sent by SMS to the corporate phone registered in the system”.
 
 
Password unblocking will be blocked after five failed attempts at responses. All attempts to unblock will be logged in the system, identifying the network login, the machine and the time executed. Successive attempts to unblock from a machine will be monitored by the information security area. The user who had the password changed will receive an email informing them of the change.