Single sign-on is easy to work with from a user standpoint. A single successful login unlocks access to multiple programs, so employees only have to enter their credentials once. — Getty Images/Tom Werner

As businesses seek to secure their systems from the increased threats of phishing, malware, and ransomware, many IT experts are recommending implementing a single sign-on process. Single sign-on is considered by many to be a convenient, easy way to secure your system against a data breach, but it does have its limitations. If you’re considering adding this identity and access management tool to your security system, here’s what you need to know.

What is single sign-on?

Single sign-on (SSO) is an authentication process that allows users to access multiple applications and websites using one secure set of credentials. When you add SSO to your work environment, your employees can log into one application and automatically be signed into other programs, regardless of the platform, technology, or domain the individual is using.

How does SSO work?

Single sign-on can get pretty technical behind the scenes, but the user experience is relatively simple. Essentially, the user starts by opening the application they want to access, such as Gmail. The user logs in with their email address and password. Gmail—which in this case serves as the “Service Provider”—sends the information to the Identity Provider.

The Identity Provider may ask for additional authentication, such as a one-time password or biometric credential (e.g., a fingerprint). Once the Identity Provider has validated the credentials, it will confirm with the Service Provider and the user will be logged into multiple applications. In this example, once someone logs into Gmail they are also automatically authenticated to YouTube, AdSense, Google Analytics, and other Google apps.

The technical explanation is more complicated than this example implies, with various protocols and standards involved (such as SAML, OAuth, and OIDC). Implementation of these protocols can easily be outsourced to an IT specialist or an SSO provider that can take care of the nitty-gritty details for you.

What are the benefits of SSO?

Advocates for single sign-on say that the system is a way to both provide a better user experience and secure your system.

For your team, SSO makes it easy to uphold password best practices. “When end users only need to remember a single unique password, instead of different passwords for each app, the risk of password fatigue drops significantly, and with it the rate of time-consuming password resets,” wrote Okta. “What’s more, since they only need to log on to one secure platform, once per day, you eliminate the chance of users repeating passwords across multiple insecure applications.”

Okta, an SSO provider, also found that IT teams at organizations that deploy this authentication process spend significantly less time providing password-related support and can speed up IT integration with acquired businesses by 500%.

On the security side, SSO empowers better identity and access management, locking down key systems and making it easier for IT teams to monitor and control user credentials. But before implementing SSO, there are some drawbacks your company should consider.

What are the drawbacks of SSO?

SSO should be implemented strategically. Some companies may have applications they want to keep locked down a bit more: For instance, healthcare organizations subject to HIPAA regulations may need to be careful about their SSO implementation.

“[It] would be important to choose an SSO solution that gives you the ability to, say, require an additional authentication factor before a user logs into a particular application or that prevents users from accessing certain applications unless they are connected to a secure network,” wrote OneLogin.

Before you get started with SSO, make sure you perform a full review of the applications, employees, and third-party vendors who may gain access through this authentication process. Then, choose a provider who can let you customize controls to suit your company’s needs.
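One way to express the per-application controls described above (an extra authentication factor for some applications, a secure network for others), as an added example that is not from the original article or from any SSO vendor. The application names, network range, and the `decide` function are hypothetical; the factor labels follow the `amr` values defined in RFC 8176.

```python
import ipaddress
from dataclasses import dataclass

# Constructed policy data: the network range and application names are
# illustrative assumptions, not settings from a real SSO product.
TRUSTED_NETWORKS = [ipaddress.ip_network("10.20.0.0/16")]  # e.g. office or VPN range

# Factors that count as "additional" beyond a password (RFC 8176 amr values:
# one-time password, fingerprint biometric, hardware-secured key).
SECOND_FACTORS = {"otp", "fpt", "hwk"}


@dataclass(frozen=True)
class AppPolicy:
    require_second_factor: bool = False
    require_trusted_network: bool = False


POLICIES = {
    "email": AppPolicy(),
    "payroll": AppPolicy(require_second_factor=True),
    "patient-records": AppPolicy(require_second_factor=True,
                                 require_trusted_network=True),
}


def decide(app, amr, source_ip):
    """Return 'allow', 'step_up' or 'deny' for one SSO session and one application."""
    policy = POLICIES.get(app)
    if policy is None:
        return "deny"  # applications not reviewed and listed are denied by default
    if policy.require_trusted_network:
        try:
            ip = ipaddress.ip_address(source_ip)
        except ValueError:
            return "deny"  # an unparseable address is never treated as trusted
        if not any(ip in net for net in TRUSTED_NETWORKS):
            return "deny"
    if policy.require_second_factor and not SECOND_FACTORS & set(amr):
        return "step_up"  # send the user back to the Identity Provider for another factor
    return "allow"


if __name__ == "__main__":
    # Constructed sessions: (application, factors already used, source address)
    for session in [("email", ["pwd"], "203.0.113.7"),
                    ("payroll", ["pwd"], "203.0.113.7"),
                    ("patient-records", ["pwd", "otp"], "203.0.113.7"),
                    ("patient-records", ["pwd", "fpt"], "10.20.5.9")]:
        print(session, "->", decide(*session))
```
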
