Can Single Sign On be Simple Sign On?

An article by David Perry at IT-director.com describes the benefits and shortcomings of single sign-on authentication method:

“Fundamentally, Single Sign On (SSO) is a straightforward idea. You use a proxy device to authenticate a user, and the proxy then manages all the login idiosyncrasies of the applications they want to access”.

“The devil is, of course, in the detail. For example, how do you know how all of your enterprise applications manage their login? Does the proxy do this for you or do you have to write a login script for each one individually? If you deploy the solution and the application decides it wants a password refresh, is your helpdesk buried by calls from angry users who can’t get into the application and do their work?”

The other thing we need to realise is that SSO is not an authentication solution in itself; the connection to the proxy can be as open or tightly controlled as you like. An SSO proxy also needs to be 100% reliable, otherwise it will lock out all users from the system when it fails. Furthermore, security of the SSO solution itself is a big consideration as the proxy necessarily contains the login credentials and access rights of every user on the network.

However, if implemented appropriately, a well-executed SSO solution gives network and security managers a central point for implementing network policies, such as application access rights.

This blog is run by the authors of FindProtected.
FindProtected is an effective security program that allows you to search your network for password protected files. With FindProtected, you can properly identify protected files containing sensitive data on your network and relocate them if necessary.

Comments are closed.