Single Sign-On

shutterstock_562837306.jpg

So everyone at your organization has a strong password and multi-factor authentication enabled on their email account. Great! Now to enforce strong passwords and MFA on their computer login as well. And their file server login. And their Microsoft Office login. And Adobe Creative Cloud. And WiFi. And VPN, HRIS, Slack… Are we having fun yet? Don’t forget when someone leaves your organization, you have to go through and disable all those. Sometimes very quickly.

I don’t know about you, but to me, none of that sounds fun. Thankfully, it didn’t sound fun to other people either, and they worked out something called “single sign-on” (SSO): how to let each person use a single username, password and MFA across all the situations above. With a little more work up front, you can save days of onboarding, name changes, password resets, and offboarding.

But wait! You previously said to never reuse the same password. You’re right! The beauty of SSO is you always authenticate with the same system (JumpCloud, for example), and then that system tells the other systems you are authorized to access it. So you’re not reusing a password, you’re reusing an authentication system.

At the end of the day, SSO is a fundamental security feature for enterprise, small to medium businesses, and even individuals. It will not only save you time, but will let the technology do the work of making sure all necessary accounts are enabled, audited, changed, or disabled when needed. If you use Microsoft Active Directory or GSuite, you already have an authentication system that can be tied into many others. Third-party services like JumpCloud or Okta can extend that functionality even further.