As companies offer increasingly complex software solutions to growing user populations, they must balance usability and accessibility with security and compliance requirements. For many companies, a single sign-on portal can be the secure and manageable solution.
Historically, businesses have offered customers access to applications using simple username and password combinations that never changed. This practice is no longer sufficient in today’s world, with increased privacy concerns and the necessity to maintain security around personal health information, financial data and other personally identifiable information. To make matters worse, businesses now typically offer customers multiple applications across multiple devices, from laptops to mobile phones. But, rather than providing users with a separate “login” for each application, businesses now have better options.
These options, known as federated identity, identity and access management, or simply single sign-on user experiences (SSO), can be a source of differentiated value when implemented correctly, according to Phuong Nguyen, senior architect at Twentyseven Global. SSO offers many benefits.
- Better User Experience. Businesses that offer multiple software products, especially software as a service (SaaS), may find that SSO significantly improves the experience of moving from one application to another, since users don’t have to remember multiple credentials to access products.
- Collaboration. These days, few people operate in a siloed environment. Partners and collaborators want to use or integrate with your business process, while customers want to integrate with your product. Allowing trusted partners to authenticate a user for you and granting permissions to that user to access your system is fast and convenient. This is known as federated identity.
- Increased Revenue. With an SSO architecture in place, businesses may develop new application services as new sources of revenue and easily offer those services to existing customers. The user is able to subscribe to multiple offerings from the business rather than being tied to a single service.
- Lower Cost of Administration. SSO options eliminate the task of supporting multiple user management systems and everything that comes along with them, including user provisioning, revoking access, assigning permissions and other tasks that would otherwise need to be repeated across each management system.
- Improved Security. With a secure SSO system already in place, application developers can focus on delivering business value without having to create a new secure user management system for each application. The SSO system can increase security by automatically checking for password strength, setting password expiration dates and supporting multi-factor authentication.
Twentyseven Global is experienced in providing SSO solutions, ranging from simple third-party open authentication (e.g. Facebook or Google sign-in) to integration of licensed and open source single sign-on tools to implementation of standards-based, in-house identity access management solutions.
Nguyen said, “To capture the benefits, businesses should implement solutions based on standard protocols, such as OpenID Connect, OAuth2 and SAML. Though it’s possible to roll your own identity management solution, standards-based systems will provide greater flexibility—for example, SSO for users coming from other well-known identity providers like Google, Facebook or Microsoft. In addition, implementing SSO in new and old applications can be challenging depending on which third-party IAM providers and protocols you are using. Legacy applications can generally be modified to use SSO as a new ‘front door,’ while newer applications may be able to take advantage of IAM capabilities to add precise and narrow control over access to application features and data.”
Twentyseven Global can help guide clients through the complex process of creating a single sign-on solution, drawing on our deep experience implementing such solutions for clients in a wide range of industries. We understand that each industry has a different set of security standards we might need to adhere to, such as PCI, HIPAA or FERPA, and our team of engineers will work with you to understand your needs and see if SSO is a good fit. We’ll provide a tailored solution based on industry standards.
Information used in the article was provided by Phuong Nguyen. Nguyen joined the Twentyseven Global team in February 2016 as a senior architect. He is fluent in English and Vietnamese.