Single Sign-On (SSO) is a service which allows a user to log into one application or network domain, and then be logged in automatically to other associated applications or domains. The user therefore only needs one set of identity-verifying credentials (e.g. username/password) to access multiple services and applications.
For example, an energy company could use SSO to enable customers to use just one identity for simplified login to all of its digital services – account settings, electricity reporting, gas usage, payment history etc.
Let’s look at some FAQs around Single Sign-On – the benefits, levels of security and set-up.
What are the benefits of Single Sign-On?
User experience (UX)
Enhanced UX is perhaps the most obvious benefit of SSO. Repeat logins are cumbersome and annoying, so removing this necessity is a big advantage. As customers increasingly demand a good digital experience, poor UX will lead to loss of business.
As a further UX benefit, the sign-on could be authenticated with any credentials that you expect your visitors will want to use – e.g. username/password or something stronger, like bank ID – or you could improve the user experience even further by giving users options. There’s no need for the user to create a brand-new set of credentials at all, if you so choose – many options exist for a user to verify themselves with a digital identity they already have – keeping users happy and enhancing security (more on that later).
Reduced admin time and costs
With just one set of credentials to manage, login issues are dramatically reduced, which means much less time wasted by IT admins sorting them out – a benefit that scales with the growth of your business.
Furthermore, simplifying internal creation and deactivation of access credentials – for example, partner contracts beginning and ending within a B2B service – also saves time.
As we all know, time equals money. SSO saves time, and therefore saves your business money.
Is Single Sign-On secure?
Whilst an initial impression of SSO might leave you questioning the security of only needing one set of credentials to access several systems, single sign-on actually improves security when applied correctly.
Take the B2B partner use case from above: because access credentials are simpler to revoke when contracts expire, it’s also much easier to view and control who has access to your organisation’s data.
What’s more, initial authentication can be very strong, with multi-factor authentication (MFA) now a standard requirement. Users are likely to create a stronger, unique password if they only need to create one, or opt for MFA if they only need to do it once.
If the required level of security assurance varies between your services, you can create the following workflow. If a user has authenticated in the first application with a level of assurance equal to or higher than the level required for the second application, they can Single Sign-On to the second application. However, if a user has authenticated with a lower level of assurance in the first application and the second requires a higher level of assurance, you can require the user to re-authenticate.
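The workflow above can be sketched as a small decision function. This is an added example, not Ubisecure's code: the level names and their ordering, the application names and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass

# Assumed ordering of assurance levels (illustrative, not taken from the page).
LOA_RANK = {"password": 1, "mfa": 2, "bank_id": 3}

# Hypothetical applications and the assurance level each one requires.
APP_REQUIRED_LOA = {
    "usage-reports": "password",
    "account-settings": "mfa",
    "payments": "bank_id",
}

@dataclass
class SsoSession:
    user: str
    loa: str  # strongest authentication method used so far in this session

def access_decision(session, app):
    """Return 'sso' if the session's level satisfies the app, else 'reauthenticate'."""
    required = APP_REQUIRED_LOA.get(app)
    if required is None:
        return "deny"  # unknown application: fail closed
    have = LOA_RANK.get(session.loa, 0)  # an unrecognised level ranks below all others
    return "sso" if have >= LOA_RANK[required] else "reauthenticate"

def record_reauthentication(session, method):
    """After a successful step-up, raise the session level; never lower it."""
    if LOA_RANK.get(method, 0) > LOA_RANK.get(session.loa, 0):
        session.loa = method

def walk(session, visits):
    """Simulate a user moving between apps, stepping up with the required method when asked."""
    outcomes = []
    for app in visits:
        decision = access_decision(session, app)
        outcomes.append((app, decision))
        if decision == "reauthenticate":
            record_reauthentication(session, APP_REQUIRED_LOA[app])
    return outcomes

if __name__ == "__main__":
    s = SsoSession(user="alice", loa="password")  # constructed sample session
    for app, decision in walk(s, ["usage-reports", "payments", "account-settings"]):
        print(f"{app}: {decision}")
```

Once the user has stepped up for the highest-assurance application, later visits to lower-assurance applications in the same session are plain SSO.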
How easy is Single Sign-On to set up?
Single Sign-On is a standard entry to identity digitalisation for organisations, making it one of the most common digital identity use cases. It’s therefore quickly and easily implemented by IDaaS – Identity-as-a-Service.
The time to market for IDaaS is reduced compared to a more complex identity solution, due to the standardised feature sets and because the enterprise does not need to manage the deployment, security, configuration and maintenance of the solution themselves. It’s a matter of simple out-of-the-box API integration – rather than reinventing the wheel.
Interested in setting up SSO for your own business technology? Check out this case study of how one Ubisecure customer implemented Single Sign-On to the benefit of all users in their system.