Better Single Sign-On

Better Single Sign-onIs there a better single sign-on (SSO) approach available in the market? Many IT admins have either considered or used a wide variety of web application single sign-on solutions (including those from Amazon®️, Microsoft®️, and Google among many others). But, with the changing nature of IT, some are asking, is there a better strategy for tackling SSO and identity management?

The Original True Single Sign-On™

The first directory services solutionsTraditionally, the single sign-on system to beat was Microsoft Active Directory®️ (AD), although the term SSO hadn’t really been used at the time AD was introduced. AD has been a staple in IT organizations since its creation in the early 2000s. IT networks at the time were largely based on Windows and operated on-prem, so it was easy for Microsoft to establish a foothold with AD. These largely homogenous, Microsoft-centric environments ended up creating a single sign-on experience for the end user that looked a lot like what IT admins envision today with True Single Sign-On™. End users would simply log in to their systems when attached to the network, and they would be connected to whatever Windows IT resources they needed via the domain controller, including the network, files, servers, applications, and more. For end users, it was a great experience, and for IT admins, it provided central control and security.

The Evolution of SSO

The evolution of SSO

Then, web-based applications surfaced. These resources quickly became invaluable to organizations, but they weren’t on-prem or Microsoft Windows-based. As a result, IT admins weren’t able to integrate these new, modern resources with Active Directory, and that initial SSO experience was lost. To unify access to web-based apps, a new category called Identity-as-a-Service (IDaaS) was created. These first generation IDaaS or web app SSO solutions would sit on top of AD and extend AD identities to web-based applications, providing IT admins with something resembling the centralized control that they used to have. Changes in the IT landscape didn’t stop with web-based applications, however, and Active Directory has continued to lose its ability to offer centralized user management.

For example, mobile devices and employees have become (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at: https://jumpcloud.com/blog/better-single-sign-on/

Zach DeMeyer

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

zach-demeyer has 25 posts and counting.See all posts by zach-demeyer