You might think that using the same credentials for everything means a bigger chance of a data breach. After all, aren’t we always being warned not to reuse passwords to avoid compromising a large string of accounts rather than just one?
Not when it comes to single sign-on, or SSO.
RELATED RESOURCE
Usually used in a business context, SSO is an authentication method and just one component of identity and access management (IAM), a security strategy giving users access only to the business applications they need for work so that any hackers only get so far within a victim’s limited network.
SSO allows your organisation to control access through a single log-in portal that then gives your employee access to all approved applications within your business.
As the use of cloud applications, hybrid work, and the sophistication of cyber attacks grow, this tech is especially helpful for replacing many of the on-premises security measures that are no longer as effective.
So should your organisation adopt a single sign-on platform as part of its security strategy?
How does SSO work?
SSO solutions hold your credentials and identity data in a single identity repository, or identity store, giving you access to all the apps and services your organisation has given permission for you to access.
When you log in with an identity provider, such as logging into a site via Facebook or Google, the provider verifies your identity and passes along a token of authentication to the site you’re trying to access. The idea is that once logged in via the identity provider, it’s the token that gets you seamless access to all permitted sites and services, rather than a different set of credentials each time.
The benefits of single sign-on
Still wondering how having one password instead of multiple means stronger security rather than weaker?
Implementing SSO offers your organisation a plethora of benefits, and one of these is that by nature of only having one password to remember, users can create stronger ones and are less likely to use previous or simpler passwords to save time.
Instead, they save time by not having to sign in to different apps and websites multiple times a day or waste time with password recovery for all of the passwords they’re forced to keep track of.
In addition to an improved user experience, SSO saves administrators time and headache by giving them central management of a variety of security controls. From one platform, you can set required password complexity, how often users have to reset their passwords or re-enter them to ensure they’re still active, what apps and websites users have access to, and more.
It also makes it easier to implement multi-factor authentication (MFA), which improves security by requiring users to confirm their identity through other avenues, such as a code received by text. Instead of identifying and launching MFA on each app, you simply need to set it up for one portal and be done with it.
The drawbacks of single sign-on
There are still a few issues with SSO that you need to consider before adopting it.
RELATED RESOURCE
You could run the risk of employees still using easy-to-guess passwords, which then gives a hacker access to all applications once they have that one password. As mentioned earlier, you can prevent this from happening by setting requirements for the complexity of the password, or using MFA.
The centralised server that makes management so much easier can also cause everyone to lose access to their applications if it were to go down. This makes it a prime target for attackers, and arguably a single point of failure.
However, by filling the security gaps ahead of time, you can reduce the risk of a breach happening and the damage any successful breach can cause, while still reaping the benefits of better security, user experience, and efficiency.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
HPE eyes enterprise data sovereignty gains with Aruba Networking Central expansionNews HPE has announced a sweeping expansion of its Aruba Networking Central platform, offering users a raft of new features focused on driving security and data sovereignty.
-
Fortify your future: How HPE ProLiant Servers deliver top-tier cyber security, management, and performanceWhitepaper Deploy servers with a secure approach
-
Fortify your future with HPE ProLiant Servers powered by IntelWhitepaper Enhance your security and manage your servers more effectively
-
Architecting enterprise networks for the next decadeWhitepaper A new paradigm in network architecture
-
Why network monitoring tools fail within secure environmentsWhitepaper Gain visibility into devices, networks, and applications
-
Better together: HPE Aruba Networking CX switches and HPE Aruba Networking CentralWhitepaper Explore the power and simplicity of managing HPE Aruba Networking CX Switches with HPE Aruba Networking Central
-
Cyber-resilient infrastructure starts with server securitywhitepaper Take a security-focused approach when investing in the next wave of IT infrastructure.
-
Driving digital innovation with intelligent infrastructurewhitepaper Strong infrastructure investment is driving digital in all industries
