Home » Technology » Cloud Computing » How cloud can solve the single sign-on challenge
Authentication is becoming an increasing problem as enterprises acquire more and more IT systems, many of which are no longer hosted internally. Users struggle to cope with additional authentication requirements and multiple, more complex passwords. Some ignore security policy by putting their passwords on Post-Its stuck to their monitors, trying to reuse the same password for everything or avoiding logging out to avoid having to re-enter data the next day. Others who endeavour to follow security policy but frequently forget their passwords create a different problem. Surveys carried out by Fordway have found that some 25% of Help Desk calls logged are due to password problems.
Using single sign-on to eliminate both problems would significantly increase productivity and reduce costs, while reducing security and compliance risks. This has been a vision for more than 20 years, but historically the methods used to solve the problem have been highly complex and required significant time and investment to create bespoke solutions.
A lower cost approach is now available – using the cloud to provide a single authoritative identity source which can be used to authenticate against almost all IT services available today. Such services come pre-integrated with major cloud and in-house services, including ERP and CRM systems, SharePoint and Active Directory.
Cloud-based secure single sign-in offers three key benefits.
First, it enhances application security by externalising authentication and authorisation to applications, web resources, web services and data. This protects systems from direct exposure. Multifactor authentication could then be added as a further level of security.
Second, it improves compliance. Having a single secure login standard and basing access to all systems on established policies and audited practices eliminates non-secure user practices and ensures all systems have compliant authentication levels. By providing complete visibility into identity and access management and providing a formal audit trail it can also help organisations achieve and maintain compliance.
Thirdly, by providing user self-service for routine issues it can increase productivity and reduce costs, freeing up Service Desk staff to work on other issues. Users or the organisation’s administration staff can provision and update requirements, with custom authentication and provisioning workflows defined to allow staff and partners secure access to services.
Clearly, any cloud-based access solution is only as good as the hosting company’s own cloud security. However, most cloud service providers implement and manage considerably better IT security controls than internal IT departments: their businesses depend on it, they may have pan-Government security accreditations which require them to be regularly security tested, and they can afford the best security technologies and the staff to maintain and update them as this cost is shared between all their clients. For medium-sized companies, cloud-based authentication could be a significant aid to productivity and security, as well as freeing up budget for other uses.
Cloud-based single sign-on could also assist with channel shift in the public sector, enabling organisations to build secure citizen access portals so that members of the public can access a range of services, including those provided by third parties, using a single user name and password.