What is Corporate Single Sign-On?

Corporate Single sign-on (SSO) is the process of allowing an organizations employees to access a wide variety of company services without needing to maintain and enter separate user-ids and passwords for each site.  The types of services that employees might use include everything from time-card entry to travel management, to continuing education.  The average company or organization has dozens of different systems providing scores of services.

Corporate security in the Cloud

Traditionally, each time a company wished to add a productivity tool, employee benefit, or management tool to their application suite, they searched for best of breed software and then installed that software on their internal networks. This creates an ever increasing burden and expense on internal Information Technology (IT) resources to maintain and upgrade all these offerings.  With the advent of the Cloud and Software as a Service (SaaS). Companies increasingly outsource these functions to on-line service providers.  Employees then access the services via browsers.  This is a cost effective approach but leads to productivity and security considerations.

Cloud based system such as payroll, health benefits, workforce management, and recruiting all contain sensitive employee information.  When employees have individual accounts on each of these systems, it becomes very difficult to enforce typical corporate policies related to user management including:

  • Password policies – how often a password should be changed, minimum password strength, etc.
  • Termination policies – company and government regulations dictate that when employees leave the company, there access from corporate systems must be immediately revoked.
  • Credential protection policies – Employee passwords must be protected from unauthorized interception and viewing.  This is very difficult to enforce and prove, when employees have ids and password on dozens of system maintained by dozens of companies.

Corporate SSO protects users and the company

Single sign-on allows users to sign-in once to the corporate network and then seamlessly navigate to cloud-based systems without signing on again.  This benefits both the employee and the company as follows:

  •  The employee does not need to remember and update dozens of passwords so they are unlikely to forget them (or write them down)
  • The company password policies now apply uniformly to all of the cloud based services
  • When an employee leaves, revoking their corporate account automatically denies them access to all of the cloud-based systems
  • The cloud services never see the employee password, nor does it ever leave the corporate internal network so it cannot be viewed by SaaS service personnel.

Implementing Corporate SSO

SSO provides a great deal of benefit and effectively enables a strategy of cloud-based corporate services.  However, it does requires a startup effort to integrate the various SaaS services to the corporate network.  The ins-and-outs of this integration process will be subject of my next blog.  Suffice to say that virtually all major (and most minor) cloud-based services implement standards based Single sign-on methods so effort of setting up and maintaining an SSO connection pales in comparison the risk and effort of maintaining, updating, and auditing thousands of user accounts across dozens of system.

CorporateSSO

Learn More

IDM 360™ Corporate Single Sign-On and Data Sync

Powerful platform that allows quick and secure implementation of SSO solutions, hosted on-premise or in the cloud.
Learn More