What is single sign-on (SSO)?

A close-up shot of a login portal

You might think that using the same credentials for everything means a bigger chance of a data breach. After all, aren’t we always being warned not to reuse passwords to avoid compromising a large string of accounts rather than just one?

Not when it comes to single sign-on, or SSO.

RELATED RESOURCE

Busting the myths about SSO

Why SSO capability is critical to the success of IAM

FREE DOWNLOAD

Usually used in a business context, SSO is an authentication method and just one component of identity and access management (IAM), a security strategy giving users access only to the business applications they need for work so that any hackers only get so far within a victim’s limited network.

SSO allows your organisation to control access through a single log-in portal that then gives your employee access to all approved applications within your business.

As the use of cloud applications, hybrid work, and the sophistication of cyber attacks grow, this tech is especially helpful for replacing many of the on-premises security measures that are no longer as effective.

So should your organisation adopt a single sign-on platform as part of its security strategy?

How does SSO work?

SSO solutions hold your credentials and identity data in a single identity repository, or identity store, giving you access to all the apps and services your organisation has given permission for you to access.

When you log in with an identity provider, such as logging into a site via Facebook or Google, the provider verifies your identity and passes along a token of authentication to the site you’re trying to access. The idea is that once logged in via the identity provider, it’s the token that gets you seamless access to all permitted sites and services, rather than a different set of credentials each time.

The benefits of single sign-on

Still wondering how having one password instead of multiple means stronger security rather than weaker?

Implementing SSO offers your organisation a plethora of benefits, and one of these is that by nature of only having one password to remember, users can create stronger ones and are less likely to use previous or simpler passwords to save time.

Instead, they save time by not having to sign in to different apps and websites multiple times a day or waste time with password recovery for all of the passwords they’re forced to keep track of.

In addition to an improved user experience, SSO saves administrators time and headache by giving them central management of a variety of security controls. From one platform, you can set required password complexity, how often users have to reset their passwords or re-enter them to ensure they’re still active, what apps and websites users have access to, and more.

It also makes it easier to implement multi-factor authentication (MFA), which improves security by requiring users to confirm their identity through other avenues, such as a code received by text. Instead of identifying and launching MFA on each app, you simply need to set it up for one portal and be done with it.

The drawbacks of single sign-on

There are still a few issues with SSO that you need to consider before adopting it.

RELATED RESOURCE

Busting the myths about SSO

Why SSO capability is critical to the success of IAM

FREE DOWNLOAD

You could run the risk of employees still using easy-to-guess passwords, which then gives a hacker access to all applications once they have that one password. As mentioned earlier, you can prevent this from happening by setting requirements for the complexity of the password, or using MFA.

The centralised server that makes management so much easier can also cause everyone to lose access to their applications if it were to go down. This makes it a prime target for attackers, and arguably a single point of failure.

However, by filling the security gaps ahead of time, you can reduce the risk of a breach happening and the damage any successful breach can cause, while still reaping the benefits of better security, user experience, and efficiency.