Single Sign-On: The Only Security Improvement Users Actually Like!

Single Sign-On and Cyber Security

Nine times out of ten, when you improve cyber security, things get more difficult for users. It won’t be long before users will need to use a 67-character password with letters, numbers and gang signs. Oh, and they will have to change it at every login.

Luckily, there is one thing you can do to make users actually enjoy a cyber security improvement. You just need to implement single sign-on, or SSO. Instead of your users being required to enter a password for every application they access, they will only have to enter one password, and then they will receive a virtual ticket that allows them to access all other applications that they are permitted to access… without having to complete any more login forms.

The first time you experience SSO, it feels like magic. In fact, it feels so easy, you’ll think it just HAS to be insecure. But implemented properly, SSO is more secure than having individual logins.

So how can SSO be more secure? The secret is to make sure you choose an SSO solution that has conditional access. That way you can put very specific controls around user logins. For instance, in the office you can forego multi-factor authentication, but outside of the office you can require it, and outside of the country you could even lock-down login to certain pre-approved devices. Also make sure your SSO provider has login monitoring and auditing. That way you can monitor for unusual activity, like impossible travel where an account is used in one location, and then minutes later logs in on the other side of the country.

Once you have all of those great login controls in place, they will all apply across all of the apps you use with SSO. That lessens misconfigurations, and also allows you to use more sophisticated security controls that many times aren’t available with most SaaS applications.

Want to know more? Here are the basics:

Defining Single Sign-On

Single sign-on allows a website or application to “trust” users who have been verified by another system. Using a single sign-on authentication process allows you to use just one set of log-in credentials to access multiple applications. SSO is most commonly used in large enterprise businesses so that employees can work across multiple resources without having to enter and re-enter usernames and passwords.

It’s found outside the corporate world, too. For example, you may have noticed some social media applications allow you to open your account through Facebook. In essence, your Facebook account is acting like a ticket to get you into another platform.

SSO Benefits 

Is single sign-on right for your team? Some of the benefits include:

  • Decreased security risk, because user passwords are not stored or managed outside a third-party site
  • Not having to generate unique username or password combinations
  • Allowing users to bypass the steps required to enter and re-enter passwords, which can improve productivity and decrease errors from passwords entered incorrectly
  • Fewer calls to the IT department for help in recovering passwords
  • The ability to easily delete SSO credentials when an employee leaves a company

SSO Risks

While there are many advantages to SSO, the risks need to be addressed, as well. Having one set of login credentials can be a security issue: Hacking into the system could allow entry into a range of other applications. Therefore, with SSO, it’s critical that passwords be robust and well-managed.

Any interruption of service by the SSO system could mean downtime for everyone using it to work on multiple applications. It’s imperative to choose an exceptionally reliable SSO system. Your company should also formulate a back-up plan for dealing with outages.

Your SSO provider could be hacked, leaving your company vulnerable. Using cyber security scores is a good way to vet SSO providers and feel assured they can provide service without exposing your company’s valuable data.

Given these drawbacks, we still believe that SSO improves the overall security of enterprises. If you’re considering an SSO system, contact us to discuss your options. Watch each video and make simple, everyday changes that will help reduce your risks of hacks, breaches and cyber attacks.

P is for Passwords

5 things you can do today to keep your company safe

I is for Insurance and Investments

3 easy things you can do to reduce your risk

E is for Employees

4 ways employees can keep your company safe Get Free Access

Posted in
Tim Rettig | IT Support Cincinnati | Intrust IT

Tim Rettig

Tim Rettig, Intrust IT founder and serial entrepreneur, is a tech expert, educator and tireless advocate for employee ownership. His strategic work to build partnerships with clients has made Intrust into one of the fastest growing IT companies—scoring a spot on Inc. 5000’s list of Fastest Growing Private Companies for a total of four years.

Share this Blog

Enterprise Password Management Promo Wide

Is Your Name or Birthday a Part of Your Password?

If so, you’re a part of the 59 percent of people who don’t follow proper password hygiene. More than 70 percent of passwords are used for more than one system, meaning if cybercriminals crack one, they can access a lot more accounts.

Our free Enterprise Password Management Guide will give you the best password hygiene practices to help you secure your computer and your business.

Download the Guide

Explore the Latest Trends in IT

Securing Our Cities Cybersecurity Protection for Local Governments - Intrust IT

Securing Our Cities: Cybersecurity Protection for Local Governments

As a city or municipality manager, you understand that the security of your community extends far beyond physical borders. With...
Manufacturing and IoT Securing Connected Devices

Manufacturing and IoT: Securing Connected Devices

You're the operations manager of a cutting-edge manufacturing facility, overseeing a production floor buzzing with activity. Your team relies on...
Small Business Cyber Security Toolkit

Small Business Cyber Security Toolkit: The Tools You Need to Stay Protected

With great power comes great responsibility, especially when it comes to running a business and protecting your digital assets. As...

Business Continuity Plan Template for Municipalities

Municipalities are facing increasing cyber attacks.  With cybercrime rates soaring and municipalities ranking as prime targets, the need for robust...
Cybersecurity Strategies for Municipalities 8 Expert Tips - Intrust IT

Cybersecurity Strategies for Municipalities: 8 Expert Tips

Municipalities tasked with safeguarding sensitive data and critical infrastructure are increasingly the targets of cyberattacks. Municipalities often handle a vast...
Business Continuity Guide for City Managers - Intrust IT

Business Continuity Guide for City Officials

The resilience of a city's operations hinges on its ability to effectively weather unforeseen challenges. From natural disasters to cyber...