As agencies adopt more cloud-based applications, workers find themselves having to log in to more places. Single sign-on technology solves that problem (and is required by law), but adoption is still slow. Here are five questions to ask about the technology:
1. Why Should an Agency Use In-house SSO?
If an agency is still using earlier implementations of technologies such as Oracle or PeopleSoft, in-house single sign-on may be required. In-house SSO environments, however, can be more expensive to implement and maintain compared with cloud-based alternatives.
2. Why Should an Agency Use Cloud-based SSO?
Also known as Identity as a Service, cloud-based SSO can be easily integrated with leading Software as a Service applications such as Microsoft Office 365 or Salesforce. IDaaS employs a pay-as-you-go model, and the number of integration points to other systems (including legacy technology) makes it a viable choice.
3. Does SSO Work if Physical ID Verification Is Required?
The combination of SSO and the Common Access Card for authentication, which blends encryption and two-factor authentication, is required for government and military work. A CAC can be used with a physical smart card reader, which can be tied to a cloud-based SSO.
4. Does SSO Work Well with Legacy Technology?
That depends on the age of the legacy technology, whether the technology is still supported by the vendor, and whether the SSO is in-house or cloud-based. Some legacy systems may not expose all of the integration points that need to be secured.
5. Are There Challenges to Implementing SSO?
SSO can be expensive and complicated to install for legacy technology, custom-built applications or systems, or systems that require middleware to ensure secure implementation. Agencies should take this into consideration during planning.