The need for multiple passwords to log in to professional applications is very often the leading cause of irritation for users of the information system, and it also creates many security risks: weak or commonplace passwords, passwords shared between colleagues or written on post-it notes, inconsistent security strategies and password policies specific to each application, difficult traceability, etc. It also incurs numerous costs for the company, in particular for operations relating to lost and reset passwords.
By allowing users to access all of their applications with a single sign-on, Enterprise SSO (Single Sign-On) provides a response to this dual issue of security and user convenience.
SSO, or single sign-on, makes it easier for users of the information system to access their applications, reducing the number of authentication requests during a specified period, while controlling and tracing this access to check that users are indeed authorised.
Although a “global” IAM strategy is essential, SSO will generally be addressed through different approaches, given the range of applications, user usage scenarios, authentication methods, access procedures, work environments, etc.: Enterprise SSO (or eSSO) for the protection of workstations, fat-client applications and web applications; Web SSO (or Web Access Management) and identity federation for web-only use; and mobile SSO for mobile environments.