How to Maintain Password Security When Using SSO with Cloud Apps
Many businesses are turning to single sign-on (SSO) as a smart and effective password security option for their users. It makes sense—SSO offers many benefits for offices and workspaces.
With the right SSO system, employees can save valuable company time by not having to continually log in to various applications over and over again throughout the day. Plus, password security is “built in” to the best single sign on software solutions. With password management software, password security-related tasks—like password expirations, resets, and more—are automated, eliminating the human error factor. This, combined with the ease of signing into all of your applications from one screen, makes SSO a true win-win situation for businesses of all sizes. But in order to get all of these benefits, you’ve got to find the right SSO software.
SSO in the cloud: Powered by workflows
One area that finds some SSO systems lacking is in their compatibility with the constantly increasing number of cloud applications.
The cloud is inescapable in the modern IT world; everything is moving to the cloud. Common office applications like Office365 and Salesforce are cloud-based, and thus, password protected. But using these cloud-based programs with some SSO programs might be harder than you think. Office365 for example, following Microsoft’s standard process for setting up Active Directory Federated Services (AD FS) and DirSync, requires additional dedicated hardware and about 3 to 4 days of administrative work to set up for many SSO programs.
But fear not: with advanced password security programs, implementing SSO with cloud apps is a highly effective (and usable) reality. These types of systems offer SSO workflow automation. With workflow automation, a web recorder captures your login sequences, saving them to a protected file that you can edit and use for single sign-on with your password management software. This means that you don’t need your web app to support SSO and you don’t even have to follow their steps for SSO integration. Because you’re using workflow automation, to the app, you appear to just be a user signing in regularly.
Private and on-premise implementation
Another important feature to look for in a password security solution is that it allows for the technology to be implemented on private servers or on premise. What does this mean? When you store passwords in any password management system, those passwords—which are the key to your entire infrastructure—have to “physically” exist as bits on a storage device somewhere. In good practice, these passwords are encrypted, so that if they are ever compromised, the attacker would only be left with a garbled mess of numbers and letters.
But when you’re storing your passwords in a password management system that uses an off-premise or cloud server, you’re dependent upon your host’s security procedures to ensure that your data is encrypted correctly. You’re also at risk of a systems failure (like a flood or security breach) at their end affecting your business. But if your passwords are stored in your own data center (or server rack, for smaller MSPs) you can apply security and fault-tolerance to your own tastes and control your own risk level.