Enterprise Single Sign-On Best Practice Considerations

Enterprise Single-Sign-On:

Opportunity
Another response to these security requirements was to enact policies to protect applications, such as requiring users to change separate application passwords on a regular basis. Ironically, users accommodated these security requirements by resorting to insecure practices including writing passwords down on sticky notes, reusing easily guessed passwords across applications or sharing passwords with one another. Improving application interaction presents the opportunity to not only increase user satisfaction, but to also enact more stringent security policies while minimizing these insecure practices. Enterprise Single Sign-On solutions enable this by automating application logins through a single authentication and providing centralized management of application authorizations and audit to aid in compliance efforts.

Benefits
The right Enterprise Single Sign-On solution can provide numerous benefits for your organization, including:

- Increased employee satisfaction and productivity through login automation
- Reduced password-related help desk costs by eliminating the user’s requirement to track multiple passwords and login processes
- Elevated protection for sensitive application data through deployment of complementary strong authentication
- Application access auditing to help meet regulatory compliance

Introducing Enterprise Single Sign-On
In a time where security and business productivity are often viewed as being at odds with one another, Enterprise Single Sign-On (ESSO) solutions have the unique position of benefiting both. Enterprise Single Sign-On products automate access to all applications and systems through a single logon (See Figure A). This provides dramatic improvements in user productivity and satisfaction while enabling more stringent security measures to be implemented for application access.

For example, in a hospital environment, after treating a patient, a physician securely logs into a workstation and is presented with a list of Enterprise Single Sign-On -enabled applications based on their role. With a single click, any application opens and the physician’s credentials are transferred in the background to satisfy necessary login requirements. Physicians typically interact with multiple disparate applications in order to access patient data, submit prescriptions and enter billing information. Automating the logon process saves them several minutes per patient transaction. Considering physicians typically treat dozens of patients per day, an Enterprise Single Sign-On solution provides substantial increases in productivity, allowing them to see more patients each day and improve their responsiveness.

Consolidating access to a single login also allows organizations to implement security measures that would have otherwise been too burdensome for the end user. Rotating passwords on a monthly basis or conforming to strict password composition requirements becomes significantly more manageable when the user has to remember only one set of credentials. Although Enterprise Single Sign-On appears to be a relatively simple concept on the surface, the combination of business and security constituents impacted requires solutions to be evaluated from multiple perspectives. Many organizations have found this perceived simplicity to be deceiving when selecting the proper solution. This white paper discusses often overlooked considerations when evaluating Enterprise Single Sign-On solutions, to help ensure success with your deployed solution today and in the future.


Top Single Sign-On Considerations
Once Enterprise Single Sign-On solutions are deployed, they become a critical part of an organization’s IT infrastructure and your employees’ daily lives. Selecting a solution that limits your ability to reap the full benefits of Enterprise Single Sign-On or one that cannot scale as your organization evolves can have serious consequences. Following are key issues to keep in mind while evaluating Enterprise Single Sign-On solutions for your organization.