FIVE REASONS WHY SSO PROJECTS FAIL

Similar documents
MY1LOGIN SOLUTION BRIEF: PROVISIONING. Automated Provisioning of Users Access to Apps

Identity and Access Management for the Hybrid Enterprise

WHITEPAPER. NAPPS: A Game-Changer for Mobile Single Sign-On (SSO)

How to Overcome Challenges in Deploying Cloud Apps to Get the Most from your IAM Investment

An Overview of Samsung KNOX Active Directory-based Single Sign-On

Office365 Adoption eguide. Identity and Mobility Challenges. Okta Inc. 301 Brannan Street San Francisco, CA

The Top 3 Identity Management Considerations When Implementing Google Apps for the Enterprise

SINGLE & SAME SIGN-ON ASPECTS

Extend and Enhance AD FS

An Overview of Samsung KNOX Active Directory and Group Policy Features

Speeding Office 365 Implementation Using Identity-as-a-Service

White Pages Managed Service Solution Rapid Global Directory Implementation. White Paper

How To Use Salesforce Identity Features

Google Identity Services for work

OPENIAM ACCESS MANAGER. Web Access Management made Easy

White Paper. What is an Identity Provider, and Why Should My Organization Become One?

managing SSO with shared credentials

Active Directory Integration WHITEPAPER

Office 365 deploym. ployment checklists. Chapter 27

Office 365 deployment checklists

Thru. Secure File Sync And Share - For The Enterprise

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.

The Who, What, When, Where and Why of IAM Bob Bentley

Integrating Single Sign-on Across the Cloud By David Strom

NCSU SSO. Case Study

The increasing popularity of mobile devices is rapidly changing how and where we

Directory Integration with Okta. An Architectural Overview. Okta Inc. 301 Brannan Street San Francisco, CA

Identity Federation: Bridging the Identity Gap. Michael Koyfman, Senior Global Security Solutions Architect

The Top 5 Federated Single Sign-On Scenarios

Identity and Access Management (IAM) Across Cloud and On-premise Environments: Best Practices for Maintaining Security and Control

ABOUT TOOLS4EVER ABOUT DELOITTE RISK SERVICES

Identity Implementation Guide

A Standards-based Mobile Application IdM Architecture

Google Apps Deployment Guide

OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere.

Total Cost of Ownership Overview ADFS vs OneLogin WHITEPAPER

Identity Relationship Management

Easy as 1-2-3: The Steps to XE. Mark Hoye Services Portfolio Consultant

White Paper. McAfee Cloud Single Sign On Reviewer s Guide

Directory Integration with Okta. An Architectural Overview. Okta White paper. Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107

EXECUTIVE VIEW. EmpowerID KuppingerCole Report. By Peter Cummings October By Peter Cummings

Stop Password Sprawl with SaaS Single Sign-On via Active Directory

BEST PRACTICES IN BYOD

WIPRO IDENTITY CLOUD UNLEASHING THE NEXT GENERATION OF IDENTITY AND ACCESS MANAGEMENT (IAM)

Securing and Monitoring Access to Office 365

F5 Identity and Access Management (IAM) Overview. Laurent PETROQUE Manager Field Systems Engineering, France

Lync Online Deployment Guide. Version 1.0

Identity and Access Management (IAM)

Enabling SSO for native applications

Visibility and Control for Sanctioned & Unsanctioned Cloud Apps

Overview of Microsoft Enterprise Mobility Suite (EMS) Cloud University

Identity. Provide. ...to Office 365 & Beyond

Azure Active Directory

Enterprise Mobility Suite (EMS) Sean Lewis Principal Partner Technology Strategist

Single Sign On. SSO & ID Management for Web and Mobile Applications

Choosing a Single Sign-on solution FIVE things you MUST consider 1

How To Get A Cloud Platform To Work For A Company

The cloud - ULTIMATE GAME CHANGER ===========================================

WHITE PAPER AUGUST 2014

Mobile Security. Policies, Standards, Frameworks, Guidelines

Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access

WHITEPAPER SAML ALONE IS NOT SECURE - HERE S HOW TO FIX IT

AVG Business Secure Sign On Active Directory Quick Start Guide

Okta/Dropbox Active Directory Integration Guide

SchoolBooking SSO Integration Guide

WHITEPAPER. Modern Identity. Addressing Risk, Complexity & User Experience

Delivering value to the business with IAM

TRANSITIONING ENTERPRISE CUSTOMERS TO THE CLOUD WITH PULSE SECURE

Glinda Cummings World Wide Tivoli Security Product Manager

WHITEPAPER. 13 Questions You Must Ask When Integrating Office 365 With Active Directory

Solve BYOD with! Workspace as a Service!

AVG Business SSO Partner Getting Started Guide

SAP Cloud Identity Service

Feature List for Kaspersky Password Manager

CA Federation Manager

B2C, B2B and B2E:! Leveraging IAM to Achieve Real Business Value

Connected Data. Connected Data requirements for SSO

NT III - Authentication and Authorisation Service

SAML 101. Executive Overview WHITE PAPER

Auth0 SSO Drives B2B Expansion

Guide to Evaluating Multi-Factor Authentication Solutions

Ping Identity, Euro Cloud award entry

Is Your Identity Management Program Protecting Your Federal Systems?

MOVE YOUR To The Cloud With Confidence

Egnyte Cloud File Server. White Paper

CLOUD ACCESS SECURITY BROKERS

Password Self Service - Service Description

Contents Jive StreamOnce

Flexible Identity Federation

The Cloud, Mobile and BYOD Security Opportunity with SurePassID

I D C V E N D O R S P O T L I G H T

How To Manage A Plethora Of Identities In A Cloud System (Saas)

Increase the Security of Your Box Account With Single Sign-On

Interoperate in Cloud with Federation

Where are Organizations Today? The Cloud. The Current and Future State of IT When, Where, and How To Leverage the Cloud. The Cloud and the Players

Microsoft Enterprise Mobility Suite

Whitepaper: Manage Access Control for Network Resources with Securitay s Security Policy Manager

TIT E IS A. Social Media. Soziale Netze und IT Sicherheit. Herausforderung? Chance? Alfred Bach Solution Strategist ALPS WE CAN IN BO

Single Sign-On Portal User Reference (Okta Cloud SSO)

Cloud Security: Is It Safe To Go In Yet?

Transcription:

FIVE REASONS WHY SSO PROJECTS FAIL

FIVE REASONS WHY SSO PROJECTS FAIL Identity is the fundamental security control in the multi-perimeter Enterprise world. Through 2016, Federated Single Sign-On will be the predominant SSO technology, needed by 80% of Enterprises. By 2020, 70% of all businesses will use attribute-based access control (ABAC) as the dominant mechanism to protect critical assets and 80% of access will be shaped by non-pc architectures. A well-executed Single Sign-On (SSO) strategy eliminates password-related reset costs and downtime, mitigates the risk of insider threat, improves user experience, authentication processes and puts the organisation firmly in control of user access. However, there are many expensive pitfalls in the journey from SSO as a concept to a successful SSO implementation. Challenges as a result of identity sprawl, an evolving technology & corporate roadmap, scalability and integration complexity can result in these expensive failures. This paper summarises the main SSO pitfalls to be aware of and the actions you can take to mitigate these. Through 2016, Federated Single Sign-On will be the predominant SSO technology. my1login.com 1

1. IDENTITY SPRAWL The SSO solution doesn t unify all user identities The SSO solution is not inclusive of all users, apps and devices in use across the organisation. Some users are still able to log into applications outside of the SSO solution Doesn t allow the organisation to bring together multiple directory structures User identities may exist in different forms within different systems and the SSO solution is unable to synchronize these and provide a single identity for each business user. For example, HR may have implemented a cloud-based appraisal system that uses personal number and a password for authentication, finance may have procured a corporate expenses system that uses email address and password, and other systems may use active directory login credentials to authenticate users Legacy desktop applications that don t integrate with users directory logins can be the weak link that causes SSO to fail. Pick 5-10 end-users that represent departments across the organisation and use them to set the benchmark for use-cases your SSO solution needs to address. Federated SSO will be the predominant SSO technology, needed by 80% of Enterprises, by 2016 70% of all businesses will use ABAC as the dominant mechanism to protect critical assets 2. LACK OF VISIBILITY If you don t know about it, you won t consider it, and if you don t consider it, SSO won t solve it Lack of visibility of the applications in use across the business is one of the biggest barriers to successful SSO implementation Department-led adoption of cloud services means there are business applications in-use that IT are not aware of which need to be integrated with the SSO solution If these apps are not integrated with the SSO then end-users will perceive SSO to have failed. Choosing an SSO solution that auto-discovers and auto-integrates new applications provides visibility of all corporate applications and seamlessly links them to the SSO. my1login.com 2

3. EVOLVING TECHNOLOGY & CORPORATE ROADMAP The SSO solution works for known use cases, but is not future-proofed for longer term roadmap initiatives While the SSO solution worked with all the systems in place at the time the project was implemented, it doesn t integrate with newly-adopted applications and devices The SSO solution isn t compatible with new web technologies introduced after project completion The SSO solution s benefits don t align to evolving business drivers - eg. the business has moved to virtualized applications instead of desktop solutions to reduce in-house maintenance costs, but the SSO solution isn t compatible with these SSO solution isn t compatible with a newly-adopted BYOD initiative for a number of user-owned devices. eg. It may work with Android and IOS, but isn t compatible with Windows phones Business decentralises control for application adoption apps adopted by departments have no native integration with the SSO solution and operate outside of its control The company infrastructure goes through an architecture upgrade after the SSO project is introduced. Choosing an SSO solution that is not critically dependent on complex connectors with target applications can provide significant future-proofing. Being able to use connectors where available, e.g. SAML or OAuth, for authentication, provisioning and de-provisioning is great, but in order to be widely compatible and future-proof, the SSO solution also needs to be able to work with legacy desktop (non-browser), virtualized and cloud-based applications that don t have connectors. An SSO solution that is not critically dependent on complex connectors with target applications can provide significant future-proofing. my1login.com 3

4. LACK OF ADOPTION BY USERS Users bypass the SSO solution where possible If your SSO solution requires a change in user behaviour this can create a huge barrier to adoption Forcing users to use an SSO portal or to change their normal working practices makes their life more difficult rather than removing the burden it aimed to solve. End-users are typically resistant to change. Deploying a solution that doesn t require an end-user to change their behavior, and operates seamlessly, will remove any barriers to adoption. 5. SCALABILITY, COMPLEXITY & COST The SSO solution is unable to scale with the business Solution is capable of supporting end-user numbers at project completion, but cannot scale to provide for increased user numbers as the business grows Technical limitations with the SSO solution means it s unable to grow with the business, e.g. the SSO solution s architecture isn t scalable Corporate transformation projects such as an acquisition could lead more complex, multiple directory structures that challenge the limits of the SSO Demand on IT team increases as new applications need complex integration with the SSO solution It becomes easier and more cost-effective to roll out new applications outside of the SSO solution due to the overhead of integration The overhead in maintaining an on-premise SSO solution become unmanageable. Select a solution that can integrate identities with the SSO across multiple domains. Using a federated SSO solution removes the challenges of scaling and delivers a far lower total cost of ownership. my1login.com 4

SUMMARY About My1Login Founded in 2007, My1Login is a European leader in protecting against enterprise cyber security threats through its Identity and Access Management solutions. The trend towards SaaS has moved Enterprise identities outside the traditional corporate infrastructure, exacerbating the challenges of identity sprawl, password fatigue, resets and compliance adherence. My1Login s next generation Identity and Access Management solution enables organisations to overcome these challenges by providing a single user identity for employees, improving productivity and eliminating security threats. My1Login s IAM solution supports identity standards such as SAML, SCIM, OAuth 2.0 and OpenID Connect, but uniquely can also integrate with target applications that don t have connectors (e.g. legacy and mainframes), ensuring there are no gaps. My1Login works across cloud, mobile and legacy desktop applications enabling control of user identity and access while delivering a return on investment. The service can be deployed rapidly, even in the most complex enterprise environments. 10,000+ Apps In addition to working with legacy, desktop and mainframe applications, My1Login also works with today s enterprise cloud apps such as Microsoft Office 365, Zendesk, DocuSign, Netsuite, GotoMeeting, Dropbox, Yammer, Atlassian, Workday, Box, Google Apps, Salesforce and Cisco. My1Login Protects Over 1,000+ Organisations Worldwide PARTNERS HAVE A QUESTION? SPEAK TO OUR IDENTITY EXPERTS Call Email Visit 0800 044 3091 contact@my1login.com www.my1login.com My1Login Limited, Office 404, 324 Regent Street, London, W1B 3HH My1Login. All rights reserved.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information