Explore Cisco
How to Buy

Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

What Is Single Sign-On (SSO)?

Single sign-on (SSO) is an identification system that allows users to access multiple applications and websites with one set of login credentials. The implementation of SSO within an enterprise helps to make the overall password management easier and improves security as workers access applications that are on-premises as well as in the cloud.

What role does two-factor authentication (2FA) play in SSO?

When implementing SSO and giving your users easy access to work applications, a critical part to ensuring the integrity of the sign-on process is the ability to verify their identities with two-factor authentication (2FA). What is even more critical is that customized policies and controls be set on a per-application basis to help your organization be more secure and protect it from risky users and devices.

Learn how Duo can help with SSO and 2FA >

What are the benefits of SSO?

There are multiple benefits from SSO, including:.

  • SSO can help to improve worker productivity, especially when there is a need to access applications that are either on-premises or in the cloud. In other words, password fatigue and errors are eliminated as workers traverse multiple applications.
  • Companies that have implemented SSO will often see fewer help desk requests for things such as password resets, lost passwords, etc. Consequently, implementing SSO removes non-productive tasks while also delivering cost savings.
  • Implementation of SSO can help organizations to improve network security and compliance.

Challenges of SSO

Implementation of SSO comes with some challenges, but most of these can be mitigated by relatively small efforts.

Project complexity

It can be complex for some organizations to deploy SSO as it requires a detailed discovery phase where inventory of applications, dependencies, and authentication protocols are documented. Consequently, it is important to ensure that the right vendor and integration partner is selected and a cross-functional team is assembled (with non-IT people included). Organizations also need to make sure that appropriate time is allowed for the project, as there are additional complexities that may crop up depending upon the specifics for your environment.

Reliability and redundancy

When designing the SSO architecture, extra focus must be placed on reliability and redundancy. When the SSO system is down, unfortunately all access to connected applications is stopped.

Relaxed password standards

When your organization gets on the SSO train, it is fundamental to enforce the use of strong passwords. Relaxed password standards and SSO do not mix. Doing this will help to avoid devastating blowback from having an SSO account cracked.

Classic single point of failure

If a hacker breaches your account, access to multiple applications will be in play, putting a lot of critical data up for exfiltration. Addressing this vulnerability should be at the epicenter of your architectural planning, as well as selecting an identity provider that delivers strong security.