Application Single Sign-on – Benefits and Considerations

Application Single Sign-on – Benefits and Considerations

Enterprises have been increasingly implementing single sign-on across their infrastructures to provide their line-of-business clients with an improved user experience. During the course of a day, the average user may access dozens of applications for interrelated productivity and collaboration tasks. Simplifying the process of accessing these resources to a ‘sign once and done’ experience provides several benefits.Application Single Sign-on – Benefits and Considerations

The Advantages of Single Sign-on (SSO)

  • Remove the need for users to remember and manage multiple passwords. “I need to reset my password” has long been one of the top things that helpdesk admins hear in support calls on a daily basis. When multiplied across a large organization, the time spent addressing this recurring problem burdens IT organizations. By reducing the number of passwords that users have to remember, this common IT helpdesk annoyance may be mitigated.
  • Improve user experience through automatic login. Along with uptime and performance, usability and user experience are two key drivers for the long-term adoption of technologies in any organization. While it may seem simple, users appreciate when IT saves them time and effort so that they can focus more on their work and less on tech and remembering passwords. Allowing for automated login to other collaboration and communications applications such as Microsoft Lync, SharePoint websites and corporate intranets after providing credentials just once, IT can make more friends in the user community and contribute to the adoption of deployed technologies.
  • Reduce the risk of user account lockout. While related to the first benefit, persistent users with many accounts and passwords may continually enter an incorrect password until, alas, their account is locked out. This presents yet another challenge for service desks since they now have to spend time determining whether the person submitting the request is actually entitled to do so.

Additionally, when many mobile devices are deployed per user, until the password is updated on each and every device, the account may continue to lock out unless an intermediary proxy is in place that allows for soft lockout before the requests ever make it to the authoritative directory. Again, implementing SSO and reducing the number of credential sets that users have to remember help to mitigate this challenge.

Considerations When Introducing Single Sign-on

As when introducing any new technology to an environment there are also considerations that should be taken around SSO to ensure a successful deployment:

  • Strong password policies including complexity, age and history should be enforced since the compromising of accounts would allow access to all applications and services that SSO is used for.
  • A balance in policy must be struck between ease-of-use and security for kiosk-based environments where multiple users access workstations such as medical facilities and factory plant floors. Configuring short timeouts and a frequent prompt for confirmation that the user is still actively working are typically needed when SSO is leveraged in these types of environments.
  • Depending upon the implementation, SSO can introduce the risk of a single point of failure for application authentication if the SSO infrastructure experiences an outage. However, whether SSO is in use or not, precautions should be taken to ensure that proper high availability and resilience is in place to withstand a single instance outage or a catastrophic site failure.

While SSO does provide several benefits for organizations with multi-faceted application infrastructures and many technologies have been developed to do so securely, from an organization’s perspective, it’s important to remember that it really is a compromise between typical information security policy and ease-of-use for clients. For this reason, security, policy enforcement and mitigation of single points of failure are critical.

About the Author

Jason Dover is director of technical product marketing for KEMP Technologies.


  • 12 Commercial Crime Sites to Do Your Research

    12 Commercial Crime Sites to Do Your Research

    Understanding crime statistics in your industry and area is crucial for making important decisions about your security budget. With so much information out there, how can you know which statistics to trust? Read Now

  • Boosting Safety and Efficiency

    Boosting Safety and Efficiency

    In alignment with the state of Mississippi’s mission of “Empowering Mississippi citizens to stay connected and engaged with their government,” Salient's CompleteView VMS is being installed throughout more than 150 state boards, commissions and agencies in order to ensure safety for thousands of constituents who access state services daily. Read Now

  • Live From GSX: Post-Show Review

    Live From GSX: Post-Show Review

    This year’s Live From GSX program was a rousing success! Again, we’d like to thank our partners, and IPVideo, for working with us and letting us broadcast their solutions to the industry. You can follow our Live From GSX 2023 page to keep up with post-show developments and announcements. And if you’re interested in working with us in 2024, please don’t hesitate to ask about our Live From programs for ISC West in March or next year’s GSX. Read Now

    • Industry Events
    • GSX
  • People Say the Funniest Things

    People Say the Funniest Things

    By all accounts, GSX version 2023 was completely successful. Apparently, there were plenty of mix-ups with the airlines and getting aircraft from the East Coast into Big D. I am all ears when I am in a gathering of people. You never know when a nugget of information might flip out. Read Now

    • Industry Events
    • GSX

Featured Cybersecurity


New Products

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge. 3

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame. 3