Single Sign-On – What is it?
In short, a single sign-on (SSO) service allows a user to log on to multiple applications using one account and one set of credentials. Enabling this capability in an organization reduces the need for multiple accounts to access the many different applications a user may need during a work day. It also greatly improves the IT team’s ability to control access to applications and the larger network. In particular, when an employee leaves the organization, the IT team can simply disable one account and remove access everywhere.
Single Sign-On technology provides the following benefits:
- Increased Productivity
- Improved Security
- Decreased IT Costs
- Improved Job Satisfaction for Employees
- Enhanced Customer Experience
- Increased Adoption Rates
- Tighter Business-to-Business Collaboration
- Regulatory Compliance
Of the above-mentioned benefits, improved security is the one I’d like to address. Verizon’s Data Breach Investigations Report 2021 found that 85% of breaches involved a human element, and 61% involved credentials. Based on the realities this report highlights, the case for securing people’s usernames and passwords with SSO is clear.
SSO requires the use of an identity provider (IdP), a service that stores and manages digital identities. Companies use these services to allow their employees or users to connect with the resources, often applications, they need. Microsoft Azure is an example of an IdP. IdPs are able to implement many different types of SSO authentication methods, including OAuth, SAML (Security Assertion Markup Language) and MFA (multi-factor authentication), to name a few. The below graphic depicts how a SAML authentication request works.
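As an added example (not from the original post and not any vendor's code), this is the first leg of a SAML sign-on in Python: the service provider (SP) builds an authentication request for the HTTP-Redirect binding, and the IdP decodes it and checks it against its registered SPs. The URLs, entity IDs and the `idp_accepts` policy are constructed assumptions.

```python
import base64, uuid, zlib
import xml.etree.ElementTree as ET  # a production IdP should parse untrusted XML with a hardened parser
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlencode, urlparse

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
# Constructed sample values for a hypothetical SP and IdP.
IDP_SSO_URL = "https://idp.example.test/sso"
SP_ENTITY_ID = "https://app.example.test/saml/metadata"
SP_ACS_URL = "https://app.example.test/saml/acs"
REGISTERED_SPS = {SP_ENTITY_ID: SP_ACS_URL}  # what the IdP knows from SP onboarding

def build_authn_request(sp_entity_id, acs_url, idp_sso_url):
    """SP side: return (request_id, redirect_url) for the HTTP-Redirect binding."""
    request_id = "_" + uuid.uuid4().hex  # the SP keeps this to match InResponseTo later
    root = ET.Element(f"{{{SAMLP}}}AuthnRequest", {
        "ID": request_id,
        "Version": "2.0",
        "IssueInstant": datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ"),
        "Destination": idp_sso_url,
        "AssertionConsumerServiceURL": acs_url,
    })
    ET.SubElement(root, f"{{{SAML}}}Issuer").text = sp_entity_id
    deflater = zlib.compressobj(9, zlib.DEFLATED, -15)  # raw DEFLATE, no zlib header
    packed = deflater.compress(ET.tostring(root)) + deflater.flush()
    query = urlencode({"SAMLRequest": base64.b64encode(packed).decode()})
    return request_id, f"{idp_sso_url}?{query}"

def decode_authn_request(redirect_url):
    """IdP side: reverse the encoding and extract the fields that must be checked."""
    b64 = parse_qs(urlparse(redirect_url).query)["SAMLRequest"][0]
    raw = zlib.decompressobj(-15).decompress(base64.b64decode(b64), 65536)  # cap inflated size
    root = ET.fromstring(raw)
    return {"id": root.get("ID"),
            "issuer": root.findtext(f"{{{SAML}}}Issuer"),
            "acs_url": root.get("AssertionConsumerServiceURL"),
            "destination": root.get("Destination")}

def idp_accepts(req, registered_sps, own_sso_url):
    """Accept only known SPs, and only reply to the ACS URL registered for them."""
    return (req["destination"] == own_sso_url
            and req["issuer"] in registered_sps
            and registered_sps[req["issuer"]] == req["acs_url"])
```

The ACS URL comparison is the check that keeps the IdP from delivering a signed assertion to an endpoint the SP never registered.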
While no authentication method is infallible, the use of an IdP definitely improves an organization’s ability to control access to its resources more granularly, both internal and external to its network. It allows for higher levels of identification and sophisticated customization of connections to applications.
The implementation of single sign-on technologies is the immediate future of authentication. It does, however, require knowledge and training to implement, so IT teams will need to get up to speed on this technology. Bad actors are always finding new ways to attack networks, and SSO represents a breakthrough technology that gives network administrators a great tool to defend with.