The New, Old Definition Of Single Sign-On (SSO)

By Rajat Bhargava Posted December 7, 2015

single sign on

We’ve gotten so used to using the term single sign-on (SSO) that we don’t even realize the definition doesn’t make sense anymore. Today, single sign-on stands for how I can use one set of credentials to get into my web applications. But since SSO only covers web applications, shouldn’t we be calling it ‘Web Application SSO?’

Single Sign-On in Simpler Settings

The reality is that when single sign-on first came onto the scene over a decade ago, it was meant to enable your workstation to completely single sign-on to everything that you needed. One set of credentials was used to login to everything: your devices, applications, network, and more. Of course, the definition made a lot more sense then because the network was far simpler. It was actually possible to create a single login and password for just about everything you could access. Back then, the network was primarily all Microsoft Windows. You had Microsoft Active Directory and a domain controller to authenticate and authorize access to everything on-premises, which was largely Microsoft Windows-based machines and applications. For your cloud applications, there were web application SSO providers that integrated with Active Directory to provide access to the organization’s web applications. So when it began, true SSO was a reality, albeit in a simplistic environment.

Impact of Infrastructure and Google Apps on SSO

Then a worldwide shift happened. Over the next decade the network infrastructure exploded into a complex set of devices, applications, infrastructure pieces, and services. SSO slowly became access to a small set of the IT environment, and then became synonymous with web applications access. Your devices, on-premises applications, WiFi network, and more were excluded from SSO. As Google Apps emerged, it became even more complex since Google didn’t provide a corresponding directory services solution to AD, just a replacement to Exchange. The new definition of SSO travelled quite a distance away from its original intent.

A Return to True Single Sign-On™

The last few years in the identity management space have brought a significant opportunity to the realm of SSO. There just opened up a spot in the market for a company to provide One Identity to Rule Them All™ again. That ability lies in the new cloud-based directory services. The platform known as a Directory-as-a-Service is providing a true central identity for users to connect to any IT asset, including devices, applications, and networks. Now an employee can use an identity for not just web applications, but their servers, network, and devices.

What’s old is new again. The vision of innovative cloud-based directory solutions, such as DaaS, are leading the charge to that singular goal: one central identity to access every business resource.

If you would like to learn more about true SSO solutions, drop us a note. We’d be happy to walk you through the evolution of the space and how DaaS is changing the landscape.

Rajat Bhargava

Rajat Bhargava is co-founder and CEO of JumpCloud, the first Directory-as-a-Service (DaaS). JumpCloud securely connects and manages employees, their devices and IT applications. An MIT graduate with two decades of experience in industries including cloud, security, networking and IT, Rajat is an eight-time entrepreneur with five exits including two IPOs, three trade sales and three companies still private.

Recent Posts