Chew on this statistic: Worldwide spending on identity and access management reached almost $3 billion in 2006, according to a 2007 IDC study of the authentication technology market. That's $3 billion to bridge the Internet Age moats around our castles, but it does not include the cost of aspirin for headaches that password issues cause network administrators and users alike every year.

There is, however, an emerging set of solutions that can reduce the pain of password management: single sign-on (SSO) technology allows a user to have one password that provides entry to a system and then manages all of the application authentications seamlessly and transparently. Better yet, SSO offers some relief – even some advantage – to network administrators who support multiple password-protected applications.

The SSO effect on money and time

As small and midsize businesses (SMBs) grow, so do the number of applications that require user authentication. This is usually driven by sensible concerns about confidentiality and protection of sensitive data, such as customer information or company financial information. In highly regulated industries, such as financial services and insurance, CDW has seen organizations with as many as 30 applications that require user authentication.

IT help desks can potentially spend hours on password resets. In fact, according to IDC, 40% of help desk calls are for password resets, and the price of password reset calls can accrue to astronomical sums, costing up to $50 per reset. To put the costs in perspective, if each user in a 500-person enterprise makes four reset calls each year, the company may spend $100,000 annually on resets – and they may avoid all or most of that by implementing a secure SSO solution. In many companies, that is at least the cost (in salary and benefits) of one experienced IT professional.

The objective of SSO is to avoid the hidden costs of flawed "human software." It is simply easier for any user to remember one password instead of several. If users forget passwords, not only does the help desk have the burden and expense of a password reset, but there can be a substantial period of time where users will not have access to the application they need, wasting still more time and money.