Things to Think About When Looking to Implement Single Sign-On
Single Sign-On (SSO) software is a great way to defend your company against hackers while ensuring your workers aren’t unnecessarily inconvenienced. Before you make your purchase or implement an SSO platform, consider the following.
Will the End User Need Any Specific Software?
A lot of companies eventually find themselves in an awkward position after they’ve gone to the trouble of investing in SSO software and implemented it: their end user can’t use it without special software.
You have to look into this beforehand to avoid this kind of awful surprise. Obviously, if end users are going to need software to use your SSO, you not only have to provide it, you have to consider the cost involved and how to roll it out.
What Applications Will Your Solution Be Able to Protect by Default?
Some applications are more popular across business users than other options. It’s important that your SSO solution makes accommodations to these by default. Whether it’s PSA, RMM or CRM solutions, you don’t want to rely on workarounds or otherwise have to use custom implementations to get access.
Cloud applications would definitely make sense to include as one of the applications that have default protection with your SSO. Like we covered above, take your time considering all the different programs you’re going to want to use your SSO for. Don’t forget about apps as well as legacy applications.
How Fast Can You Implement New Applications?
For the most part, your SSO solution will need to provide authentication out-of-the-box for as many applications as possible. That being said, it’s inevitable that companies will eventually need to get past the catalog their SSO came with. They’re going to need to include some specific platforms that are required to do their job. When that happens to you, it’s vital that you’re able to onboard them ASAP.
Therefore, make sure you ask the vendor of any SSO you’re considering about this crucial requirement.
The right SSO should make it easy to implement new applications as simple as can be expected. One that doesn’t should come with excellent support so that, if you decide to go with it, you have a team from the vendor that is ready to help at the drop of a hat.
How Does the Software Provision Users?
Almost every company has people who come and go. Obviously, turnover is practically unavoidable. However, many also have consultants, vendors, contractors, temps and others to think about too. They may need access to an organization’s applications and other resources during their time with the business.
Find out how difficult it will be to provision new users and what goes into managing that kind of process. You should ask about how long it will take too. Will the vendor be helping at all? How does their SSO solution make this any easier?
One really helpful feature to look for is the ability to sync with your active directory. An SSO platform that can do that can also streamline the process of provisioning users in a big way.
Is Role-Based Access Possible?
SSO should come with the ability to assign access to a user based on all kinds of criteria. This might include something like the department an employee works in, the role they play in the IT infrastructure or just the company they’re with.
Whatever the case, by being able to do this, you can also add users much quicker and without slowing down your business processes. It’s also a good way of ensuring that you can change user permission levels should they ever take on a different role, change departments or do something else that would make this necessary.
Is MFA Supported?
Without a doubt, SSO is great for security and convenience. However, multifactor authentication (MFA) is a great way of keeping your company’s information private too. Will your SSO software be able to work alongside it if you choose to use both? Together, they’re an unrivaled combination.
How Easy Is It to Revoke a User’s Access?
Obviously, the main reason to invest in SSO is because you want to improve your company’s security measures. Imagine, then, if that money was wasted because you weren’t able to revoke an employee’s access in a timely manner after they had been let go. Another reason you’d want to do this quickly is in the case of a contractor whom your company is no longer using. As soon as they’ve moved on, you have to make sure they can’t log back in and use your SSO solution.
It’s imperative that, when you ask a vendor about this, they make it perfectly clear that you can revoke a user’s access immediately. Even waiting as little as a day, or even an hour, could cause you big problems.
Which Identity Standards Are Supported?
A prospective vendor may have all kinds of answers to this question, but the one that matters most is SAML. It might be the most popular identity standard on the market right now. That’s because it offers convenience, high-security standards and prevention against phishing and other common forms of attack.
Does the SSO Provide Options for Failover and Redundancy?
Look for an SSO solution that will make it easy took connect to a failover server and in a reliable manner. If not a failover server, it should be possible to connect with some other backup resource. This will make a world of difference in the event of your primary server failing.
The process should be seamless so that access to your other applications remains available during the worst case scenario for your network. You want to be able to configure any necessary backup and/or failover servers with as little effort as possible.
How Does Your SSO Solution Affect Business?
The last thing you want is to find the “perfect” SSO software on paper, implement and then find out that it’s going to affect your company’s productivity in a negative way. If anything, an SSO should be removing unnecessary roadblocks and making it easier to get more done.
Although that’s a lot to consider, it will make all the difference when you find the perfect SSO for your needs.