Home > Trends > Single Sign On Hits Its Stride

Single Sign On Hits Its Stride

I’ve always thought that single sign on solutions were a good idea.  We all have to manage many login events to networks and applications.  Why log in dozens of times when SSO products can do it for you?  Besides improving security and convenience, SSO products also give you a foundation on which to improve every aspect of your identity management program.

The SSO system learns every user and each "identity" of that person to every software application and network.  I’m hunts to the HR applicaiton, and steve.hunt to email, and shunt to the document management app.  Imagine how much easier it will be for my organzation to migrate to strong authentication, smart cards, or converged physical logical access now that all users and all of their privileges to all systems are collected and organized in a single place.

It really works – and lots of companies are realizing it.  Over a ten million people use single sign on today and its growing fast.  One vendor, Passlogix, had about a million users of its SSO software in 2004.  It doubled in 2005. It looks like Passlogix is on its way to hitting as much as 5 million concurrent users soon. 

SSO has been around since the mid-1990s. What’s driving this growth now?

Well, passwords are everywhere (the madness has to stop!!). Many passwords are crappy, and authenticaiton simply must be improved. strong authentication is becoming fashionable.  FFIEC banking regulations demand better authentication.  Phishing is on the rise. and even the use of certificates for authentication can’t always rely on a federated authentication service.

All this begs the question of how to glue together an authentication architecture.  SSO, with its ease of use, high customer satisfaction, and aggregation of roles and privileges make it the obvious first step in meeting any of those drivers.

Categories: Trends
  1. January 18, 2007 at 12:03 pm

    Good take on the why and the “why now.” So I ask you, what are your thoughts on Microsoft’s integration of Active Directory and 3rd Party SSOs to combine physical credentials (biometrics, CAC, etc…) access to the Active Directory structure and therefore all of the Microsoft compatible / AD integrated applications? By default wll Active Directory drive the standard for SSO and corresponding physical access?

  2. January 18, 2007 at 12:11 pm

    The directory vendors have been dreaming of SSO for a decade. Novell and Microsoft have especially churned up interest and confusion regarding the role of the directory relative to SSO. Oblix (now Oracle) was another company that claimed a SSO solution by adding functions to a directory.
    The bottom line is that a directory can “house” identities and privilege schemas, but it cannot negotiate the login events or the user experience without a lot of help.
    Microsoft is doing a smart thing by integrating strong authentication and sign on management with its market-leading directory.
    But the directory is still just the directory.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: