Friday, June 19, 2015

Top 5 SSO Security Advantages



Behold the power of one password. That's right, password. No longer are you faced with a plethora of login credentials that you know you will never remember. That vicious cycle of helpdesk calls followed by daily account lockouts has finally come to an end. It sounds like you’ve found yourself a single sign-on (SSO) solution and you’re ready to embrace the convenience. After all, convenience was your primary reason for adopting such a technology, was it not? I’ll let you get back to me on that one. In the meantime, let’s take a look at SSO security, a hot topic among the information security community and what more and more IT decision makers are referring to as their “primary motive” for deploying SSO.




SSO Security - Blinded By the Light



Photo credit to: Indiana Times
Let's hope she makes it through the night. According to a recent study, the average user has 26 online accounts, but only uses about 5 passwords to keep them secure, typing around 10 passwords per day. As a result, users without an SSO solution are those who inevitably end up reusing passwords or tweaking them slightly. Eventually, users become so buried beneath the shadows of password fatigue, they have nothing left to do but seek the light of convenience. As our friends at Dell Software say, SSO is seen as the Holy Grail of Identity Access Management (IAM). For your sake and for the sake of your employees, I’m going to use these magical powers associated with SSO by shedding some light on what is perhaps its most crucial purpose, enhanced security.



5. Encourages the use of Stronger Passwords  


One of the major misconceptions about SSO is that it weakens security, with its “single point of failure” representing just one point of attack. The most cut-and-dried way to respond to this argument is by pointing to the most obvious advantage of remembering a single password: convenience. When a user doesn’t have to remember passwords for 26 different accounts or applications, 5-10 passwords that were once easy to remember are replaced with one complex password. The added benefit of a single password to SSO security is the ability to enforce a strong password policy with little to no end user repercussions - one complicated password is much easier to remember, and much safer, than a series of weaker passwords.



4. Encourages Employees to Follow Company Security Policies


As noted, this SSO security advantage goes hand in hand with the last one. Removing certain complexities from the workplace makes it that much easier for employees to adhere to your security policies. Sometimes, these streamlined advantages are overlooked. In this day and age, passwords are a bit hit-or-miss - users either write them down or share them for the sake of convenience. A strong password policy, by necessity, will be complicated and slightly difficult to remember. With an appropriate solution in place (and possibly by combining SSO with self-service password reset), adhering to a complex password policy becomes much simpler, bolstering SSO security to new heights.



3. Improves Compliance


SSO security? Compliance? No, I’m not transitioning into another preaching session on 2FA and compliance. Don’t get too excited. As SSO prompts employees to use security applications like a secure file transfer system, your company is more likely to be in the good graces of regulations like PCI-DSS and HIPAA. Compliance often depends on authentication security and data transfer security. With SSO, data is encrypted in transit under tried and true protocols. SSO security keeps both your end-users and the auditors happy!



2. Limits the Possibility of Phishing


We’ve already become privy to the wrath of phishing in Preventing Phishing Attacks. Now it’s time to apply those lessons to SSO security. One area where SSO and web access management demonstrate security is at the server. Credentials from the end user are forwarded directly to the central server rather than to the actual service that the user is attempting to access. This applies to phishing prevention because the SSO provider limits the propagation of login credentials. Some might say that this is only a disconnect - that the SSO service becomes the primary target. While this might be true, SSO adds another mitigating layer of encryption to protect user credentials for individual accounts. Additionally, adherence to the previously mentioned SSO security methods will reduce the risk of a successful phishing attack more so than providing the attacker with various weaker targets.

It is much easier to defend a strong, centralized gate than to expend resources monitoring and protecting a handful of weaker entry points.



1. No Need to Write Down/Record Current Passwords


If you’re like me, you like to take down notes for everything, whether handwritten or in an Excel spreadsheet. When it comes to passwords, however, I think that remembering one is not an issue. No matter what industry you’re in, everyone has written down a password or PIN at one point in his or her life. This practice, however, is probably not the best way to keep track of your passwords if you’re an account manager for a well-established investment firm. Again, SSO security for the win! While SSO does not remove your password from the services incorporated, it promotes an added layer of protection and reduces the number of times you will need to use or recall that password. After an SSO service is introduced into a workplace, remembering 5 strong, complex passwords that actually adhere to a company security policy becomes a non-issue. That's the true wonder and benefit of SSO security - convenience, security and usability all rolled up into one.

There you have it. Not only do you have access to the 'Holy Grail' solution, you now know how to recognize and utilize the full potential of SSO security. Convenience is a beautiful thing, but you can’t let it blind you to potential vulnerabilities. When properly implemented, SSO is an efficient way for your business to achieve that balance between security and usability.

