How many platforms and apps do your employees use? Typically, employees use a dozen or more to get their work done. If they have to log in to each one separately — then log in again when apps become idle — it slows them down and opens your organization to risk. User credentials are portals into your network, and compromised credentials are the main source of breach origination.
A single sign-on (SSO) authentication tool helps resolve significant productivity and security issues.
SSO is part of identity and access management (IAM) and has been around for years. With SSO, users log in once to a secure application gateway then access the apps they need with one click. There’s no need to enter additional credentials because the SSO has already verified them. SSO is different from Multifactor Authentication (MFA) in that provides a simple, single secure portal through which users log on — it’s more about productivity than security. SSO and MFA are used in conjunction to meet both goals.
Implementing SSO makes even more sense in 2020 as being able to work remotely and securely has become critical to business continuity and phishing is at an all-time high. The improved visibility and streamlined IT management functionalities are added benefits.
Leapfrog recommends SSO to all of our clients because:
1. It improves productivity
- Users like it — It’s faster and easier. And research shows 30% of an employee’s work experience is directly related to IT.
- Less likely to get locked out — It’s easy to get locked out of an app when you’re in a hurry and don’t enter a password correctly. Once locked out, employees often need help from the IT department.
- It’s very customizable — You can create different rules for different devices. For example, you can make the rules to connect from a personal iPad more stringent than a company-owned device — and you can block connecting from a public device entirely.
- Saves time for IT — SSO enables administrators to automate identity creation and removal and can handle many other IAM tasks from within the SSO, which is faster and less prone to error. Processes such as onboarding employees, granting access to vendors and partners, and assigning (and revoking) permissions can all be automated.
2. It helps you be more secure
- Sets up your network for the most secure access — Authentication happens in only one place, making protecting it simpler and easier to audit for anomalies from suspicious devices, locations, or time of day.
- Authenticates access privileges in real time — A dedicated, secure SSO policy server checks user rights against an IAM broker, which has been configured according to your company’s requirements. Some SSO platforms include machine learning to identify potential areas of compromise so your IT administrators don’t need to configure everything themselves.
- Reduces risk from compromised credentials — The fewer passwords, the less risk they’ll be reused (and then compromised), stolen during a breach (one that’s disclosed or undisclosed), or inadvertently shared (with family members or well-meaning coworkers).
- Layer on multifactor authentication (MFA) — Using an SSO platform with MFA, which can include biometrics and location, is a best practice and is included in most SSO platforms. Conversely, using SSO without MFA discounts the platform’s security capabilities.
- BYOD-ready — Using a personal device to access the network is as secure as using a company-owned device.
3. It adds visibility, accountability, and control
- Multiple configurations available — SSO systems vary. Organizations can choose one that matches the level of security and feature options they need.
- Accurate user logs — Managers have visibility into who has accessed the network and what they did while they were there.
- Simplifies auditing and reporting — Complete visibility and logs make running compliance reports faster and simpler.
- Controls access based on business need — Most modern SSO platforms allow for conditional access. Administrators apply rules based on business use cases, such as operating certain systems during specific times and/or from specific locations. For example, access can be denied to someone who is trying to enter the accounting system to cut checks from outside the office at midnight.
Leapfrog believes SSO has become core to IAM and the ability for employees to work productively within integrated IT environments. If you haven’t already, we recommend that you talk with your IT team about the best approach to implementing SSO.