Digital solutions are all about making our lives convenient. However, what is convenient isn’t always secure. Massive hacks and identity theft have all become commonplace. We’ve talked about the issue before and the steps businesses can take to protect themselves. But the basic principle of cyber security is one that we’ve all become accustomed with: the password. However, remembering multiple quality passwords can be difficult and using the same password for everything is highly unadvisable. In recent years, single sign-on, or SSO, has emerged in an attempt to bridge the gap between convenient and secure. But what is single sign-on?
Well quite simply, single sign-on is the ability to log into multiple applications or portals with a single username and password. This works by allowing sites to hand over their user data to a 3rd party. This 3rd party provider acts as an identity provider and takes over all the responsibilities and legwork of authentication. Creating bulletproof authentication isn’t easy and one of the biggest pros when it comes to single sign-on is that it allows businesses to outsource this task to an identity provider with more experience and better resources.
In fact, if you’ve ever been asked to log in to any number of websites using your Facebook account, most of you are already familiar with single sign-on websites. Logging in with Facebook is an aspect of single sign-on called social log-in. With any social log-in single sign-on website, the social media site acts as the identity provider. Because a company like Facebook has the resources to ramp up its cyber security, this approach is usually deemed pretty secure. However, its main weakness, doesn’t lie in lack of encryption or multi-factor authentication, but user oversight. Basically, users employing passwords that are simple and easy to crack. User oversight is also a problem for a different variation of single sign-websites: those that use autofill.
This is the type of single sign-on users you see when your browser or a website asks you if you want it to remember your password username combination for next time. It’s called centralized sign-on. And while this may seem secure and convenient, as it allows users to save multiple passwords for different sites without having to experience password fatigue, it can pose a major security threat. The reason is that, while it saves users from having to remember multiple complex passwords for different websites, it assumes that only the user will have access to any of multiple devices. Cell phones are lost all the time and laptops can be passed around. If someone other than the designated user gains access, whether maliciously or through more mundane circumstances, they could easily gain access to sensitive information.
That being said there is no perfect security, no lock we can place on the door and toss our worries away. This a reality that, although we may feel protected, we face every single day. The threat does not go away. According to Data Breach Reports, over 28 million personal records have been exposed this year. It’s unfortunate but it’s the nature of the internet. It’s built around the freedom to access information. This is the tricky balance that must be maintained when it comes to cyber security, keeping personal information uncompromised while not obstructing access to that information.
Single sign-on is a great option for businesses looking to maintain this balance. Granted some iterations are certainly more porous than others. However, what single sign-on websites allow businesses to do is outsource the complicated task of identity verification those better equipped, as to not sacrifice security while providing their users with convenient access to their information. Above all it allows them to maintain a positive user experience.
[button link=”http://livetilesglobal.com/request-demo” type=”big” color=”green” newwindow=”yes”] Join the Cloud with Single Sign-On[/button]