Find White Papers
Home About Contact Help
Free Membership Member Login
Dec 2, 2008
View Popular Research Browse Topics Find Business Solutions RSS Feeds List Your Research
Search the Library                  Advanced Search

Truth & Fiction with Single Sign On

Imprivata
By : Imprivata
INFORMATION
Published : Dec 19, 2006
Length : 11
Type : White Paper
 
Download Now
Save for Later
  Email This Page
Overview :

Single Sign-On technology has been around for many years. Although skepticism and risk worries were associated with the service, SSO has gone through technological changes. Through these changes it has become an ROI Solution for many corporations.

Learn and explore first hand through five different companies how SSO has helped achieve their goals. Find out some challenges of SSO and solutions used to solve them. Find out more about SSO challenges and solutions used to solve them.
View All Items By This Company
Browse Related Categories :

Authentication

,

Network Security

,

Password Management

,

Return On Investment

,

Risk Management

,

Security

,

Single Sign On
 

Introduction
Every new product brings with it high hopes and leaves behind bitterness before it evolves into the promising solution it can be. Single Sign-On (SSO) was introduced to security years ago along with distributed applications and infrastructures. It became necessary due to the disparate technologies in use; these technologies increased risk by multiplying the number of attack points, and strong security principles dictated the need for strong user account credentials.
But SSO had its failures in the past. The question now is, can it be revisited with lessons learned to provide the value it had promised and previously failed to live up to? Spire Security interviewed a number of SSO users to get their perspectives on four key issues surrounding SSO:
1. Can we really attain true SSO?
2. Does SSO increase or decrease risk?
3. Can we attain ROI from SSO?
4. Is customer regret the exception or the norm?
These are the pertinent questions that keep SSO at bay in some organizations.

Introducing the Companies
With the help of Imprivata, Spire Security identified SSO users and interviewed them about their deployments of SSO within their enterprises. The benefit is clear – real organizations will weigh in on real issues:
_ A $400 million (assets) Midwestern credit union with over 100 employees and about 500 user accounts on over 30 applications. The company has integrated all organization-wide applications into Imprivata’s SSO solution.
_ A $3 billion (market cap) Northeastern pharmaceutical company with over 1200 employees. The company offers Imprivata’s SSO solution as a convenience to end users.
_ A Midwestern mental health center serving over 4000 patients with more than 250 users and 12 applications under management. The organization deployed Imprivata for both security and convenience.
_ A Southeastern hospital with over 140 beds and 1000 employees. The hospital deployed Imprivata to address regulatory requirements associated with shared workstations.
_ A Northwestern regional hospital with over 3,500 employees, 2,000 desktops, and over 100 applications. The hospital deployed Imprivata for regulatory and convenience reasons.
In addition to these five primary interviewees, opinions and analysis from other interviews and research by Spire Security will be integrated into the content.

True SSO – Fantasy or Reality?

The Myth
Because SSO has been around for so long, it has had its chance for hype, failure, and reduced expectations. For seven or eight years now, even purveyors of SSO solutions have watered down their discussions to something that provides “reduced” or “simplified” sign-on. Since SSO is the primary value proposition, this approach minimizes the value of the solution. No enterprise should buy a solution for SSO that markets itself as “reduced” or “simplified.” There may be other reasons to buy the solution, but certainly SSO isn’t one of them. These vendors recognize the technology weaknesses of their products up front and don’t want to live up to a promise that has been broken in the past.

The Reality
“The vast majority of profile generations take less than thirty minutes--many of them only fifteen minutes! The most challenging SSO integration application was one that presented two different layers of authentication...it was a challenge of an hour. – NW Hospital.
“There is nothing keeping us from getting complete single sign-on except our internal priorities.” – Pharmaceutical Company.
“We attained SSO immediately upon installation for the bulk of our applications. True SSO is definitely feasible.” – Credit Union.
The companies interviewed all expressed a reasonable comfort level with their SSO solutions. In the past, technical barriers were the problem with gaining true SSO. Today, an organization can incorporate as many applications as they’d like to include in their SSO solution. It doesn’t happen magically – though the easiest offthe- shelf applications are integrated immediately, the most difficult ones may take a week or two – but it is reasonable to expect and possible to attain.

The Spire Verdict
Technology has always been the obstacle to true single sign-on. That is no longer the case. Now, the barriers are the logical ones – minimal-user applications with nonstandard authentication requirements. The opportunity for SSO is even more apparent with midsized companies that have dozens of applications rather than thousands. There is always a level of practicality involved when dealing with those applications that only have a handful of users, but that decision is one of resource allocation, not technical impossibility. 

Search the Library                  Advanced Search
Today's Popular Reports This Weeks Most Popular Reports Most Popular Topics Vendor Directory Home
About Us Contact Us List Your Papers Partner With Us Site Map