Identity and access management (IAM) is a foundational and wide-reaching segment of any IT admin’s responsibilities. Like a Swiss army knife, IAM is not limited to a singular feature that it offers to an organization, the concept of IAM can span various tools and functions. One of the most common examples of an IAM solution is single sign-on (SSO). The term itself, SSO, has taken on multiple meanings over the years and came to join the IT lexicon during the rise of web apps. It’s helpful when seeking the definition of single sign-on to understand that like all IT, it evolved over time. At its most basic, the definition of SSO is a platform that provides one login “experience” to a myriad of resources (most commonly, SaaS apps).
SSO and Web Applications
While not in line with the conventional definition of SSO, you could say the first version of SSO emerged almost a couple of decades ago when the enterprise was dominated by Microsoft®. Back then, users could simply log into their desktop computer and then they’d be able to access all of the Windows-based resources they needed including Office, Exchange®, and what was most likely a wired network. This was possible because the leading identity provider at the time, Active Directory®, was created to manage user access in an on-prem, Windows®-centric ecosystem. The catch was environments had to remain locked-in with Microsoft in order to create that single sign-on experience for end users. This was fine for a time, but then web-based applications hit the market. On-prem Active Directory wasn’t built to support this type of resource, so the generally understood approach to SSO emerged. This approach is what many web app SSO providers (also known as first generation IDaaS) deliver; it allows users to access web applications such as GitHub, Slack®, Salesforce®, and many other useful workplace tools via one set of credentials.
However, SSO is not a complete IAM solution (read: identity provider); it works primarily with web apps. As a result, organizations (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Ryan Squires. Read the original post at: https://jumpcloud.com/blog/definition-of-single-sign-on/