Single Sign On (SSO)
Traditional SaaS SSO allows customers to manage the users of a team outside of the built-in table. Single Sign On systemizes the users’ database into a single service that controls the authorization of all accounts and applications.
It is nigh impossible to manage thousands of users, or more, across many different applications since enterprises use a large number of services with a large number of customers. Enterprises have, however, started using SSO for this reason in order to manage the deprovisioning, provisioning, and permissioning of accounts and privileges.
Advantages of SSO
- Unified/Centralized database – SSO provides one single database that includes all the logs you’d need for authentication and authorization in order to support the administration.
- Access logs – Single Sign-On provides a log with detailed reports on who access what and when
- Less vulnerable from phishing – Having fewer credentials means that phishing through social engineering and emails is nigh impossible
- Help-desk costs are reduced – Having fewer credentials also means that you get a lot fewer help-desk calls.
Disadvantages of SSO
- SSO uses one set of credentials – This might sound a bit contradictory because this is also listed as an advantage. However, it can be a double-edged sword. If this set of credentials somehow gets leaked, stolen, or hacked, the person who has access to it has access to basically everything.
- SSO provides Single Sign-On, but no single sign-off – This con is a bit less talked about, however, it creates a problem where user sessions can and will usually stay active for a long time after the user has completed their use, which can lead to session hijacking.
SSO for SaaS Apps
Single Sign On for SaaS applications has clear advantages that far outweigh its disadvantages, and it is an integral part of any SaaS providers’ strategy. It provides user name, device name, usage, and access time data for subscription management applications that integrate with SSO, and this in turn enables the SaaS manager to find out which customers are using which applications and for how long, allowing for optimization of subscriptions. When combined with other important data, such as cost data, it enables the calculation of cross-charges at a departmental level.
There are still naysayers, however. They will say how Single Sign On SaaS probably isn’t needed and will bloat the disadvantages it has over some other SaaS authentication methods, saying that these other methods are newer and better and that SSO is outdated. While this can be true in some cases, and there are points to be made both for and against SSO, more often than not SSO will be the better option.
SSO as a method of SaaS platform authentication is a powerful function that reduces login time and costs. It will make the lives of your users and the IT help desk a lot easier, and it is one of the best methods of inventorying your applications as well as providing logs with detailed information on their usage. While it can be argued that using only Single Sign-On for SaaS applications isn’t good enough on its own, there really isn’t anything better out there right now.