The Information System is becoming increasingly open, use of cloud computing and mobility are becoming more widespread, multiple associated applications and usage scenarios, etc. All of these factors lead to a dual challenge for organisations: how to apply a policy to manage and control application access while ensuring an optimum user experience?
This is the role of an authentication, access control and SSO (Single Sign-On) solution, combining security and user convenience.
SSO, or single sign-on, makes it easier for users of the information system to access their applications, reducing the number of authentication requests during a specified period, while controlling and tracing this access to check that users are indeed authorised.
Although a global IAM strategy is essential given the range of applications, user usage scenarios, authentication methods, access procedures, work environments, etc., SSO will generally be addressed through different approaches: Web SSO (or Web Access Management) and identity federation if using only the web, Enterprise SSO (or eSSO) for the protection of workstations and fat client applications, and mobile SSO for mobile environments.
Web SSO
or Web Access Management
Web SSO involves 100% web-based architectures, such as extranet/intranet portals for example. It therefore only protects web applications accessed using a browser, guaranteeing them a high level of security, in particular through the implementation of multi-factor and adaptive authentication mechanisms, advanced access control rules, and complete traceability of access to web applications.
Although identity federation can in particular be considered a Web SSO solution, it only concerns web applications compatible with certain market standards, such as SAMLv2, or OAuth2 / OpenID Connect… It is therefore essential to also be able to take into account applications which do not use these federation standards, but instead use other web authentication technologies: HTML form, Web Service, Kerberos or proprietary token, etc.
There are also many associated web SSO architectures and network types: web SSO solutions therefore need to be flexible, non-intrusive and scalable, in order to ensure all applications of the information system are taken into account.
Find out more about our Sign&go Global SSO solution, covering all types of applications in all types of architecture
Benefits of Web SSO:
how to combine security
and ergonomics?
The implementation of a Web SSO solution provides many benefits, which can be broken down into several areas:
1
Security
- Know who actually accesses what
- Control and trace access to applications
- Eliminate the use of commonplace passwords
- Control the openness and outsourcing of your IS
2
User experience and satisfaction
- Implement a single and ergonomic authentication for all web applications
- Adapt the level of authentication to usage and the context
- Give users the freedom to reset their own passwords
- Make the user journey uniform whatever access is used
3
ROI and Administration costs
- Streamline password management and renewal
- Simplify the integration and connection of new applications
- Standardise and pool authentication and authorisation infrastructures
- Make the IS flexible and agile
4
Standardisation of the IS
- Define an authentication platform that is separate from specific implementations
- Facilitate access to applications in corporate change contexts
- Follow the major trends towards opening up your IS to the cloud
- Fulfill regulatory requirements
Our successful
experience
in the deployment
of Web SSO projects
in structures of all sizes
Our successful experience in the deployment of Web SSO projects in structures of all sizes
Related articles
Single Sign-On (SSO) and access control: a necessarily global approach to single authentication
How to protect business data without imposing onerous authentication processes on employees is a challenge that most businesses have or...