
Choosing a Single Sign-on solution

FIVE things you MUST consider

 

System Compatibility

 

Will the product I choose work with every business system?

 

A key consideration when choosing a Single Sign-on (SSO) solution is identifying the extent to which it will work with existing business services. Traditional Single Sign-on solutions require third-party integration – that is, all business systems have to have made provision to opt into the SSO service. Those that haven’t will not be compatible with the SSO solution. In a typical organization this can mean that a sizeable proportion of services will have to operate outside the scope of the SSO service.

 

It can often be a false economy to invest in a solution that doesn’t fully solve the problem it set out to solve. Single Sign-on solutions that only work with a proportion of business services leave a business with huge security vulnerabilities. It’s important that the service you choose works with the business services you need it to work with, so always check the extent to which this is the case before making any decision. If there are business


Device Compatibility

 

Will the product I choose work with every device in use throughout the business?

 

An SSO solution that is restricted to desktop PCs, won’t work on Macs, or is not mobile-friendly should not even make your shortlist, as it isn’t fit for today’s market. The ever-increasing variety of devices in use, and the proliferation of BYOD within many organizations, has made it a necessity that company systems can be accessed from anywhere. It has also given employers the headache of facilitating corporate access through multiple devices without losing control over account security.

 

A Gartner survey determined that nearly 40% of CIOs expect to stop giving workers corporate-owned devices by 2016, as the adoption of Bring Your Own Device (BYOD) programmes becomes more widespread. With this upward trend, it’s vital that any Single Sign-on solution is capable of operating on a variety of different types of devices. Ensure that your chosen solution will operate on all mainstream operating systems (Windows, Mac and Linux), as well as Android/Apple tablets and smartphones.

 

If your chosen Single Sign-on solution doesn’t make provision for this device diversity, employees will invariably find a way to use what they find most efficient and convenient for them, potentially resulting in weaker practices being applied to facilitate their access. It’s not uncommon for employees to write passwords down or store them on a phone or tablet if there’s no secure mechanism to access them from their chosen device.

                       


Security

 

Will the product I choose improve company security or create new weaknesses?

 

A Single Sign-on solution that ultimately reduces corporate security would be a catastrophe, so here are the security considerations to understand when implementing a solution.

 

Firstly, understand what type of product you’re purchasing. Is it a traditional Single Sign-on solution, or is it a Password Management solution with a Single Sign-on experience for users? Does it use tokens to authenticate users with third-party sites, or does it work in conjunction with the existing UserID/password systems in place to authenticate users with services? If it’s a token-based system, how strong is the employee authentication? Does it, for example, simply require a weak 8-character password to gain access to all corporate systems?

 

Systems that allow access to all corporate logins should not be protected by just one employee-chosen, potentially weak password. If the traditional Single Sign-on solution does have good authentication security, but doesn’t work with all business systems, then separate provision must be made for the systems that are outside the scope of the solution – for example, ensure strong password policies are in place for all other systems.

 

If it doesn’t use tokens, does it help identify and fix any 3rd party site


Deployment time

 

How long will it take to roll out, and how much training will be required to implement?

 

A consideration that is often overlooked is just how long it will take to roll out the new Single Sign-on solution and train users for it. You should consider whether it needs to be pre-configured by the IT department before employees can use it, or whether users themselves can set it up. Does the existing way business systems are accessed need to change to facilitate the new solution, or does it work with the existing way services are accessed?

Employees being able to self-setup and add their own business logins to a corporate system that the management team then has visibility of massively reduces setup time and cost, and increases the speed of change for a company. IT departments often think they know the systems that employees log in to, but our research shows otherwise: with an increasing reliance on cloud-based services, departments and managers often sign up to services for legitimate business use that the IT department has no idea exist. Self-setup allows the business to centralize visibility and management of these logins once added by the employee. It also allows secure sharing of access between co-workers and contractors, and mitigates against insecure practices such as emailing passwords to collaborating companies, or posting notes on the server.

 

A system that allows central management and maximizes employee self-setup where possible is the ideal. This way deployment times and cost are slashed.


Price

 

Just how much will it cost, and will there be a return on the investment?

 

Things to consider are whether there are one-off setup fees with large upfront capital costs. Is the cost in advance or in arrears? Is an annual subscription fee required, tying you into a service for at least a year? Is the subscription fee monthly, allowing you to reduce the risk of being tied to a service that ultimately doesn’t deliver? An often-overlooked factor is how much the solution can actually save the business – for example, does the proposed solution allow you to monitor concurrent license usage and potentially reduce the need for unused licenses?

So, what is the right solution for you?

 

The right solution is the one that solves your problem, and does it within your timescale and budget. The perfect solution is one that solves your problem and actually provides a return on your investment.

 

When searching out a solution you’ll have to decide between two different types of technology – a traditional Single Sign-on solution or a Password Management solution.

 

Password Management solutions work in conjunction with the passwords that likely already protect business accounts. Single Sign-on
