Single Sign On (SSO)

Single Sign On (SSO) Process

SSO is an enterprise solution that allows users to authenticate once (typically once per session) and get access to all enterprise resources connected to the SSO system. To achieve this magic, multiple techniques are typically used behind the scenes, depending on which methods each resource supports.

Frequently Asked Questions
What is SSO?

Single Sign On (SSO) is a solution that allows a user to authenticate once and gain access to all applications/resources supported by the SSO, without having to sign in separately to each application/resource.

What is an example of single sign on?

There are many SSO solutions on the market. Active Directory (AD) is an example of an SSO solution because all domain resources joined to AD can be accessed without the need for additional authentication. SAP, Oracle, IBM and others offer SSO solutions for enterprise use. Okta, OneLogin and others specialize in single sign on for web applications.

What are the Advantages of Single Sign On (SSO)?

To name a few of the many advantages SSO provides an organization:

Access logs – an SSO portal provides detailed reporting on who accessed what.

Session time – by eliminating credential reauthentication, users spend less time on the authentication process, leading to improved productivity.

Centralized database – one database that includes logs for authentication and authorization to support compliance and administration.

Fewer credentials mean less chance of phishing – phishing emails and social engineering are nearly impossible.

Reduced help desk costs – reducing the number of credentials (passwords) translates to fewer password-related help desk calls, which are estimated at 20 – 50% of all help desk calls.

What are the Disadvantages of Single Sign On (SSO)?

The main disadvantage of SSO is its use of one set of credentials: if those credentials are not protected correctly and are stolen, the thief has access to your entire kingdom.
Companies should always use a 2nd factor to log in to SSO (at the very least); companies that take security seriously will use multi-factor authentication (MFA).

The second, less talked about disadvantage of SSO is that while it provides single sign on, it does not provide single sign off. The logoff process varies from application to application and depends on the settings of the application. User sessions usually stay active long after the user has finished using the application, which can easily lead to session hijacking.
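
The missing single sign off described above can be checked from logs. The following is an added example, not part of the original page: it flags application sessions that are never closed, or that keep receiving requests, after the matching SSO logout. The log format, field names and sample events are constructed assumptions.

```python
from datetime import datetime

# Constructed sample events; the log format and field names are assumptions.
SAMPLE_LOG = """\
2024-05-01T09:00:00 idp login user=alice sso_sid=S1
2024-05-01T09:01:00 crm session_start user=alice app_sid=A1 sso_sid=S1
2024-05-01T09:02:00 wiki session_start user=alice app_sid=W1 sso_sid=S1
2024-05-01T17:00:00 idp logout user=alice sso_sid=S1
2024-05-01T17:00:05 wiki session_end user=alice app_sid=W1 sso_sid=S1
2024-05-01T17:45:00 crm request user=alice app_sid=A1 sso_sid=S1
2024-05-01T10:00:00 idp login user=bob sso_sid=S2
2024-05-01T10:05:00 crm session_start user=bob app_sid=A2 sso_sid=S2
2024-05-01T10:30:00 crm request user=bob app_sid=A2 sso_sid=S2
"""

def parse(line):
    """Split 'timestamp source event key=value ...' into typed parts."""
    ts, source, event, *pairs = line.split()
    return datetime.fromisoformat(ts), source, event, dict(p.split("=", 1) for p in pairs)

def audit_sign_off(log_text, grace_seconds=60):
    """Find app sessions that outlive, or are used after, their SSO logout."""
    events = sorted((parse(l) for l in log_text.splitlines() if l.strip()),
                    key=lambda e: e[0])
    logout_at = {}      # sso_sid -> time the SSO session was logged out
    open_sessions = {}  # (app, app_sid) -> sso_sid, for sessions not yet ended
    used_after = []     # (app, user, app_sid, seconds since SSO logout)
    for ts, source, event, f in events:
        if source == "idp":
            if event == "logout":
                logout_at[f["sso_sid"]] = ts
            continue
        key = (source, f["app_sid"])
        if event == "session_start":
            open_sessions[key] = f["sso_sid"]
        elif event == "session_end":
            open_sessions.pop(key, None)
        ended = logout_at.get(f["sso_sid"])
        if ended and event == "request":
            lag = int((ts - ended).total_seconds())
            if lag > grace_seconds:  # allow a short delay for logout to propagate
                used_after.append((source, f["user"], f["app_sid"], lag))
    never_closed = sorted(k for k, sid in open_sessions.items() if sid in logout_at)
    return {"used_after_logout": used_after, "never_closed": never_closed}

if __name__ == "__main__":
    print(audit_sign_off(SAMPLE_LOG))
```

Sessions reported under `never_closed` are candidates for shorter application idle timeouts or for wiring the application into the SSO provider's logout flow, where the application supports it.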