CyberArk Named a Leader in The Forrester Wave™: Identity-As-A-Service (IDaaS) For Enterprise, Q3 2021. DOWNLOAD NOW >

Cyberark Glossary >

Single Sign-On (SSO)

Single Sign-On (SSO) is an authentication method that lets users access multiple applications and services using a single set of login credentials. SSO can help businesses improve user satisfaction and productivity, strengthen access security, and reduce IT operations expense and complexity.

Why Single Sign-On

Today’s digital workers rely on a wide variety of applications to perform their jobs, including traditional enterprise applications hosted in corporate data centers, SaaS solutions running in the cloud, and mobile apps for smartphones and tablets. Each application relies on distinct identity management and access control mechanisms, which creates challenges for users, IT operations teams, and information security and compliance organizations.

Users are forced to memorize and track a dizzying array of frequently changing passwords. Overwhelmed by password sprawl, many users take risky shortcuts like using the same password for all applications, using weak passwords, repeating passwords, or posting passwords on sticky notes for all the world to see. Bad actors can take advantage of lax password management practices to mount cyberattacks and steal confidential data. In fact, compromised account credentials are a leading cause of data breaches.

From an administrative perspective, IT and security operations teams are forced to use a variety of independent identity management platforms to onboard users and provision their privileges—a manually intensive, time-consuming, and error-prone proposition, which overburdens the help desk and impacts user satisfaction. Worse still, these siloed identity management practices can create administrative blind spots and introduce additional security vulnerabilities like privilege creep. (Users can retain access rights after they change roles or leave the company. Disgruntled employees or rogue contractors can exploit out-of-date access credentials to steal sensitive data or disrupt critical business services.)

Single Sign-On Features, Functions, and Benefits

Single Sign-On solutions help businesses simplify user access, improve security, and streamline IT operations by centralizing, automating, and unifying identity management and access control functions for all applications and services. Modern SSO solutions support traditional applications hosted in enterprise data centers, applications running in private or public clouds, and third-party SaaS solutions like Salesforce and Box.

Modern SSO platforms also support various on-premises and cloud-based credential stores and directory services platforms like Active Directory, LDAP, and Google Directory to centralize and unify operations. They support federated identity management using standards-based protocols like SAML, Oauth, and OpenID Connect to enable peering and inter-enterprise collaboration. And they provide self-serve portals that let users reset passwords, request permissions, and make other changes without helpdesk intervention.

Single Sign-On solution benefits and advantages include:

  • Superior user experiences – SSO improves user satisfaction by eliminating password fatigue and frustration. With SSO, users seamlessly access all their applications and services, using a single set of logon credentials from any location or device. In addition, users can quickly change passwords and other account settings without opening a ticket or engaging the help desk.
  • Simplified operations – Single Sign-On solutions streamline IT operations by eliminating manually intensive, time-consuming, error-prone administrative processes. They can help companies accelerate user onboarding, reduce ongoing operations expenses, and free up valuable IT staff to focus on core business tasks.
  • Increased productivity and collaboration – SSO solutions improve employee productivity by giving users fast, simple, and convenient access to all the online resources they need to do their jobs. Businesses can also use Single Sign-On solutions to improve collaboration with partners—granting external users select access to specific enterprise applications and services.
  • Risk reduction – SSO strengthens security by eliminating risky password management practices; users are less likely to write down passwords or use weak, universal, or repeat passwords. In addition, Single Sign-On solutions reduce administrative gaps and security vulnerabilities by eliminating identity management silos, and reduce attack surfaces by reducing the number of passwords used in the enterprise.