With some single sign-on (SSO) solutions approaching $25 per user, per month, it is no wonder that many IT organizations are looking for a cheap SSO solution. And while it may seem counterintuitive, the rapidly changing IT landscape is actually working in favor of IT organizations when it comes to IT management tools. So, there is no reason that IT admins need to shell out big bucks for high-quality identity management solutions. The currency involved in this transaction is simply knowledge—knowing where to look and how to approach the problem can alleviate any reason to spend big.
Expensive SSO Layering
Generally, when IT admins think of implementing web application single sign-on, the solutions they typically settle on involve layering the SSO solution on top an existing identity provider (IdP). The legacy IdP used most often is Microsoft® Active Directory® (MAD or AD), which is no surprise as it is the commercial leader. The goal here is that a centralized identity from AD will be federated to the web app SSO platform and then on to web applications like Salesforce®, GitHub™ or Slack.
The trouble with the layered on approach is that it often leads to other solutions getting piled on top of Active Directory as well. For example, web applications are not the only relatively new resources to enter IT environments. So, IT admins need to leverage multiple add-on solutions like identity bridges, so they can connect Mac® and Linux® machines to AD. Then, if the sysadmin wants to bolster security, they will need an add-on for multi-factor authentication (MFA) tools, another for privileged identity management, and one more still for event logging. These are just a few examples, but you can see where this is going.
What results is not only a stacking of solutions on to AD, but a stacking of costs as well. There’s the initial cost of client access licenses (CALs), and then the cost of every add-on. Because there is also a great deal of integration work involved with this setup, there are professional services costs too. Plus, (Read more...)