Single sign-on (SSO) is a user authentication service that allows a user to utilize one set of login credentials to access multiple applications. SSO is appropriate for small to medium-sized businesses, as well as individuals looking to get a handle on managing various usernames and passwords. The service authenticates the end user for all the applications the user has access to, and eliminates future password prompts during the same session.
Single sign-on is often preferred by users who appreciate the convenience and hate having to remember multiple passwords – especially if they also have to change them every 4-6 weeks. However, this method does represent a risk to enterprise security. It creates a single point of failure in the user account. Should a cyber criminal gain access to the SSO credentials of a user, they can easily peruse all applications that user is authenticated for. This maximizes the amount of damage the attacker can wreak on your company. Because of this, companies are urged to use two-factor authentication (2FA) or multifactor authentication (MFA) with SSO to increase security.
Enterprise single sign-on (eSSO) products and services are comprised of password managers which include client and server components. The credentials utilized are typically a username and password, so target applications do not need to be altered to coordinate with an SSO system.
Advantages of SSO
- Permits users to manage fewer passwords and usernames and not have to remember multiple sign-on protocols.
- Organizes and streamlines the sign-on process, eliminating the need to re-enter passwords.
- Minimizes the opportunity for phishing scams.
- Fewer complaints and calls for help for the IT helpdesk to field and answer.
Disadvantages of SSO
- The need for different security levels for diverse applications cannot be addressed
- If authentication fails, the user is locked out of every system they need to access
- If an unauthorized user obtains control, they have the ability to gain access to multiple applications
Social Media SSO: Google, Twitter, Facebook and LinkedIn are common examples of well-known SSO services. They permit an end user to access a third-party application with their social media authentication credentials. Most security experts recommend that end users stop using social SSO services completely, as criminals can literally access all of a user's applications through the same authentication. Apple recently announced a single sign-on service which is being marketed as more secure than those already available. The new offering should limit the amount and type of data third-party services can access and enhance security by requiring two-factor authentication and supporting integration with Apple’s Face and Touch ID.
Looking for SSO? Here are the Vendors
There are multiple well-known and reputable SSO vendors. These include:
- Rippling: permits end users to utilize cloud applications, signing in from multiple devices.
- Avatier Identity Anywhere: this SSO is designed and intended for Docker container-based platforms.
- OneLogin: this cloud-based identity and access management platform provides other applications, but also supports SSO.
- Okta: Okta supports two-factor authentication and SSO authentication. It is primarily utilized by enterprise users rather than personal account holders.
If your small to medium-sized business is looking for ways to increase security and protect your network, call Alliance IT today. We are proud to work with Sarasota and Tampa area organizations to make sure that their data, hardware, software and networks are as safe as possible – and we’d love to help you. Our team of experienced experts will function as your own IT team and not only streamline your operations, but also help you to save money and protect your business.