The Power of True Single Sign-On (SSO)




Technology has to keep up with the constantly changing needs of your organization. The latest thing technology must help us embrace? A fully- or partially-remote workforce.

While most of us are now remote due to COVID-19, it’s easy to see how remote-enabled organizations have key advantages over traditional, office-based organizations even in more normal circumstances. They’re able to hire whomever, wherever. Their employees are 22% more likely to be happy in their roles, which can lead to higher retention. Plus, no office means no office rent. 

The IT work that must be done today to accommodate required remote work is ultimately an investment in the future. And fortunately, the groundwork on how to be a fully-functioning remote workforce has already been laid, and there’s exceptional technology that makes it that much easier.

In this article, we’ll dive deep into one part of enabling a remote workforce: access management and single sign-on (SSO). This is essential not just for the sake of the current health crisis but also for modern business success.

Why Is SSO Beneficial?

Simply put, single sign-on is a set of credentials for access to IT resources. Effectively, one login or username and password combination to rule them all, if you will. 

Through the industry-standard SAML protocol, the user’s identity is transferred from one place (the identity provider) to another (the service provider). Theoretically, this centralized method of identity means employees only need one set of credentials to have access to all applications, versus creating individual log-ins for every application. 

The benefits are significant, especially for a remote organization. Here are some of the main reasons organizations use SSO:

1. To Automate and Simplify Access to Technology

By using an SSO solution, IT administrators enable employees to access all of the applications they need. Through a portal, admins make groups with automated access management based on whatever factors are most important to their role (department, location, etc.). Admins automate these permissions and change access settings at the group level, rather than adjusting by the individual, where possible.

2. To Make Security Easier for All

Ensuring security even in the midst of the current largely-remote working conditions is no small task. SSO means that employees have only one set of credentials, making it easier for IT to manage the security of passwords. 

It’s also easier to enforce password requirements. Because employees only need to create one login to their application portal, their focus can go into creating a truly secure login, rather than memorizing their 25+ unique passwords. It also means employees won’t revert to using one password with slight variations across their accounts or using weak passwords just because they’re easy to remember. This added security protects against possible breaches, each of which cost an average $3.86 million based on 2020 data.

3. To Save Time and Money

SSO is a time saver for IT admins and employees alike. For employees, remembering passwords becomes just knowing their sole password. The login fumbles, password resets when they forget their password, and the like are all eliminated. Plus, employees get access to the IT resources they need without excessive jumping through hoops for access.

IT admins benefit even more. They use groups to scale and automate their actions, reduce the number of support tickets they answer, and automate user app lifecycle management with  just-in-time (JIT) and SCIM provisioning and deprovisioning.

Every time IT deals with a password reset ticket, it costs an average of $70. That means 1,000 password resets cost an organization an average of $70,000 in IT labor. SSO can help.

SSO sounds like a no-brainer, right? 

Well, there’s a catch. We’ve painted a pretty picture thus far, but SSO hasn’t always meant truly universal access to all IT resources. Even today, the capability of SSO providers varies greatly, and only sometimes really provides all of the benefits above.

To better understand what some IT professionals mean when they say SSO, we need to understand the limitations of SSO caused by its origin.

The Evolution of SSO 

The IT landscape is quite different from what it was just a few months ago and even more different from the legacy approaches that have been in place for almost two decades.

Historically, IT organizations relied on Microsoft® Active Directory® for their identity management. This approach worked well when the IT network was full of Windows® PCs and applications all located in the office. Then, new types of IT resources emerged such as Mac® and Linux® systems, AWS® cloud infrastructure, web applications, WiFi, and more.

With the introduction of these new resources, domain-based models basically lost their comprehensive nature. Employees could only use their domain login for some of their resources, but not fundamental things like web applications that weren’t in the same “family” of applications.

At JumpCloud®, that’s just not good enough. We believe in simplifying life for IT admins and employees alike, not introducing yet another set of credentials to manage. When we say single sign-on, we don’t mean “one of the many single sign-ons.” 

Modern IT organizations need to manage access to cloud and on-premises servers (e.g. AWS, GCP, and on-prem file storage), systems (Windows, Mac, Linux), on-prem applications, wired and WiFi networks, and more. 

Fortunately, a simple solution has emerged. A True Single Sign-On platform enables end users to securely connect to their IT resources with one identity. 

What Makes True SSO Better?

The key advantage of True SSO is that IT admins can leverage one comprehensive SSO solution for virtually any IT resource, rather than just web applications. 

Employees gain simplicity and efficiency by having one username and password to access their business IT resources. Administrators improve management and security by centralizing control over the employee’s access to their assigned resources.

From an IT admin’s perspective, they leverage one platform that manages that identity and securely connects it to those IT resources. This cloud directory supports authentication standards such as LDAP, RADIUS, SAML, and more. As such, an identity can be easily provisioned and deprovisioned to a wide range of IT assets.

That identity can be secured via multi-factor authentication (MFA) to ensure safety, AND can be leveraged for all necessary logins: Windows, Mac, and Linux systems, cloud server infrastructure, web applications, WiFi and VPN networks, and file servers. 

True SSO is the realization of what SSO wanted to be a decade ago. And now that the technology is here, it’s making older methods of SSO irrelevant. And now that you understand the history, you’re prepared to find a tool that enables True SSO.

Final Thoughts 

It’s 2020. While it’s a year that will go down in history as nothing short of chaotic, it’s also a time defined by amazing technology to support what has otherwise been an overwhelming adjustment period.

True SSO is one of those technologies. It enables end users to gain simplicity and security by leveraging one identity across all of their IT resources, while IT admins are able to simplify access management.
Contact JumpCloud to learn more about single sign-on providers.

You can also sign up for a Directory-as-a-Service® account and try out a True SSO provider for free. Add up to 10 users and 10 systems free to get a better sense of what SSO should be. If you need help, leverage our in-app 24×7 premium chat support feature within the first 10 days. You don’t even need to enter a credit card to get started. Check us out today!


Related Posts
Learn the difference between AWS IAM and AWS SSO and which is better suited for your business. Try JumpCloud for Free!

Blog

AWS IAM vs. AWS SSO: Choosing the Right Service

Learn the difference between AWS IAM and AWS SSO and which is better suited for your business. Try JumpCloud for Free!

Before SAML, people had far too many passwords to remember. They had one for each web application they used, which for some people was in the hundreds.

Blog

What is SAML (Security Assertion Markup Language)?

Before SAML, people had far too many passwords to remember. They had one for each web application they used, which for some people was in the hundreds.

Maintain fine grained control over  your AWS accounts with JumpCloud Directory Platform to simplify employee onboarding and user management.

Blog

Simplify Onboarding and Secure Group Management in AWS SSO

Maintain fine grained control over your AWS accounts with JumpCloud Directory Platform to simplify employee onboarding and user management.