Single Sign-On: Advantages, Disadvantages, and Considerations
Improved IT security and end-user experience makes Single Sign-On an IT solution worth reviewing with your Managed IT Service Provider. However, there are certainly disadvantages to consider. In this article, we explore both to provide transparency about this tool.
What is Single Sign-On (SSO)?
SSO is an authentication tool that enables employees to access web-based applications and when used with Active Directory, company-specific software with a single set of credentials. These business resources are consolidated, monitored, and managed through a cloud-based dashboard, made more secure through multi-factor authentication. SSO simplifies the way employees access apps and software while increasing security and efficiency.
Most Single Sign-On solutions provide the following features:
- Cloud-based dashboard
- User directory along with support
- Mobile app connection
- Support for most well-known business SaaS apps]
- Administration of access policies
What are the benefits of SSO?
SSO has a positive impact on the onboarding process of a new employee or the deployment of a new computer to an existing employee by significantly reducing the time required to provision the user’s many different accounts. Global password management is optimized as employees are not required to update each app or software platform.
SSO also comes with many configurable security features. A policy server manages credentials, which can be configured for different security policies and permissions. Reports, analytics, and activity logs are available. Also, access to all of the apps and software accessed through SSO can be rescinded immediately if a user is no longer employed by the company. This feature greatly simplifies the off-boarding process.
Additional benefits to incorporating a Single Sign-On solution include:
- A reduction in login errors and IT issues/tickets.
- End-users are not able to login to other users’ accounts.
- New applications and software deployed all at one time, rather than individual installations, which speeds up user adoption rates.
- A clear picture of which employees are accessing various apps and software.
- Your Managed IT Services team can be more efficient and will have more time to focus on other proactive work for your company.
- Increased productivity and security for remote employees and distributed workforces
What are the disadvantages of SSO?
Every IT solution has benefits and drawbacks, including SSO. Here are some disadvantages to consider when consulting with your trusted IT service provider:
- If the Single Sign-On provider goes down, your entire company will lose access to connected apps and software.
- There are still some applications that do not support SSO. This results in employees needing additional login credentials, which defeats the point of simplifying the environment with SSO.
- Some businesses have shared workstations. For example, a computer in a conference room, or a computer used for extra-large files at a product development company, may be shared by a few (or many) employees. The last user will need to be sure and log out each time to avoid accidentally providing access to all of their company accounts to the next user.
- Companies in various industries, such as banking, require one-time password tokens to be generated to access their data. These types of security tools don’t work with SSO.
- If a Single Sign-On provider is hacked, all of their customers are vulnerable. When paired with MFA, this is more of a business disruption, rather than a major data breach. The MFA adds an additional layer of security so that the data isn’t accessible.
Other Considerations of SSO
- Strong passwords are recommended. With Multi-Factor Authentication (MFA), also highly recommended, the password doesn’t have to be overly complex. Employees must be educated about not writing down this one password where other people can find it. That could be a challenge for some people. However, MFA provides the ability to reset the password if it’s forgotten.
- An Identity Provider (IdP) is required, such as Active Directory. Not every company has or needs this, so this could increase price or complexity.
- The SSO solution you choose could have a monthly cost. It’s best to talk this out with your Managed IT Service Provider and determine if the cost is worth the benefits for your particular businesses.
- With SSO, there is a great deal of trust put into the administrators of the SSO account (possibly your IT service partner). It’s recommended that both the business owner and the SSO administrator understand IT security requirements and have controls in place to prevent confidential information from getting into the wrong hands. If you’re working with an IT service provider, make sure they are a trusted resource.
- Many of the benefits (and possible disadvantages) of SSO can be found in other IT solutions, such as directory-as-a-service. It’s essential to know about all of the options available so that you make the right choice for your business.
- SSO implementation is generally considered to be a separate project outside of Managed Services because of the time and senior-level engineer expertise required. In addition, SSO is not plug-and-play; effort is required to tailor the solution to meet the needs of the business. Therefore, there is a cost to implement this solution.
Is SSO the Right Solution?
At Parachute, we deploy and manage SSO solutions and similar options for our clients. We facilitate a collaborative process with our clients to review deployment and management, costs, features, and impacts on the business. If you would like to learn more about Single Sign-On, please contact us. One of our specialists can talk with you about the advantages it could bring to your business as well as the disadvantages to consider.