Single sign-on (SSO) is a centralized user (and session) authentication service in which an identity provider (IdP) allows for one set of login credentials to be used to access multiple cloud-based applications such as Salesforce, Hubspot, Dropbox or JIRA. The significance of SSO is in its simplicity; the IdP authenticates a user one time to then enable access to a plethora of connected apps, without having to log in to each one individually. Not only does this address password and access management security concerns, but workplace productivity also gets a boost.
When it comes to cloud privacy and security, strong passwords are a piece of the puzzle, but quite frankly, they can be hard to remember for every individual cloud-based application your organization uses. The need for SSO rose from enterprise adoption of cloud-based web apps— an organization may use tens, or even hundreds—not directly connected to a corporate network’s identity & credential repositories. Coupled with user frustration from constant login requests and IT departments having to manage onboarding and offboarding for hundreds or thousands of users, it quickly becomes a roadblock to productivity.
After all, in today’s digital workplace, individuals don’t just need access to your organization’s chosen apps at the office; they often need access anytime, anywhere, and from any device. Therefore, streamlining the login and authentication process is critical for both productivity and security.
IT teams can take the security of SSO one step further with multi-factor authentication (MFA). This requires users to present more than one factor of authentication to ensure the sign-on attempt is coming from the valid account owner, not an imposter. Factors of authentication include “something you know” (your password), “something you have,” such as a one-time passcode from a mobile app or from a physical device such as a Ubikey or RSA token, and “something you are,” such as your fingerprint, voice, or other biometric.
Although MFA exists independently of SSO, introducing the two together as your IT team’s newest tools helps ensure the privacy and security of your organization’s most sensitive data and intellectual property. Here’s why it’s worth it:
Reduce the number of login credentials an employee has to remember. If they forget the password, they only have to change it in one place—the IdP.
Reduce the number of times and places that employees have to login—even when they need access to multiple cloud-based apps.
Require an additional factor of authentication to verify the employee’s identity and ensure users accessing sensitive data within accounts, applications, and files are authorized.
Earlier this week, we announced several privacy-enhancing product updates, including SSO integration, designed to strengthen our customers’ privacy management initiatives. Now, Virtru customers can leverage existing SSO authentication by integrating with any SAML 2.0 identity providers—such as Okta, OneLogin, or Ping Identity. This feature is available at no additional charge to our customers. To learn more about this feature, check out our on-demand educational webinar.