Single Sign-On: Balancing Power and Responsibility 

Single sign-on (SSO) is a powerful productivity tool for organizations today

Facilitating access to on-premises and cloud-based applications, it dramatically simplifies the user experience. With SSO, users simply logon once, open a web browser or portal application, and open any and every application provisioned for them by IT.  

But as Peter Parker’s Uncle Ben taught us “with great power comes great responsibility,” and SSO’s potential power is indeed great. 

Know the Security Risks of SSO 

Since the entire goal behind SSO is more about providing access than restricting it, there are going to be some risks involved (as with any other form of access).

So, what exactly are the security risks of SSO?  

One Account for Lots of Access. From a user’s perspective, this is the dream. But any IT team should get nervous ticks just thinking about the added risks.  

One Click Away from Disaster. Not to be dramatic, but a simple provisioning mistake on the part of IT can give a user access to data that has nothing to do with their role in the organization. 

Instant Extension of the Security Perimeter. Long gone are the days when the corporate network was defined by endpoints in cubicles and four walls of concrete. The modern enterprise’s IT infrastructure, and especially SSO, gives on-site and remote users alike instant access to your organization’s web or cloud-based data and applications.  

A Vulnerability for Lateral Movement. Once external attackers have a foothold in your organization (likely an endpoint infected with malware), their next move is to try to move laterally within the organization. This move usually requires additional credentials. Then, they try to access applications and data beyond the endpoint itself. But, wait, that sounds familiar, right? Kind of like exactly what SSO does? Sure, SSO only provides access to the applications and data the user needs to do their job (as long as IT implements it error-free!), but it opens up a window of opportunity for the attacker. 

Does this mean SSO is a bad idea? Of course not. But it’s important to acknowledge that SSO carries risk.  

It makes sense when you think about it: when you simplify access to many applications for users across the globe – on any device, there’s going to be potential for disaster (remember, great power…). 

Own IT’s Responsibilities 

Once you acknowledge and hedge against the risks inherent to SSO, you can harness the full power and benefit of SSO. Not only can SSO improve user productivity, but savvy IT teams can also use many aspects of SSO to improve an organization’s security. 

So, given the great power of SSO, what are IT’s responsibilities? 

In general, IT has a responsibility to recognize: 

The Abundance of Access. Uncle Ben’s warning to Peter Parker was as much about self-control as it was about acknowledging the power’s existence. You can’t do the former without the latter. Similarly, taking responsibility for SSO requires first acknowledging SSO’s capabilities. 

The Real and Present Danger. Cyber-criminal organizations today systematically investigate, document, code, and test against vulnerabilities, making them as effective at being “bad guys” as your security providers are at being “good guys.” You need to be in a constant state of alert. One infected endpoint can spell a data breach, lost productivity, or loss of your organization’s reputation. 

The Advantage of On-Premises Authentication. Just because you want to give users easy access to the cloud doesn’t mean that you need a new way to authenticate them. Retain your on-premises Windows server directory for user authentication for optimal security, not to mention for ease of management (who has the time to manage duplicate directories?). 

The Need for Multi-Factor Authentication. In general, SSO supports two or more factors of authentication. Since you’re potentially giving a user “any time, any device” access to a ton of data and applications, validate the living daylights out of them. Combining SSO with multi-factor authentication may require a slight effort from your users, but it’s a critical step to ensuring that your security requirements balance out with this gain in productivity. 

The Importance of the Context-Aware Logon Management. For most organizations, SSO is more about productivity than security. So, you’ll want to keep security as lightweight as possible and target it on the single most important point in the SSO process: the logon. You do this for two reasons: 1) no logon, no access, and 2) once logged on, it’s too late to hedge risks. Because the Windows logon is often the only security verification that many organizations use, place as many contextual controls around the logon as possible, whether they’re native to Microsoft Windows environments, or whether you leverage third-party solutions that monitor and manage logon security and session management. These measures put much-needed “responsibility” around this pivotal action to secure how you implement SSO. 

Make Responsibility a Mindset 

Ultimately, responsibility is a mindset. And, like most, it’s one that eventually turns into a change in behaviour. SSO’s power demands that IT take a responsible approach and ensures the security that SSO requires. By doing so, IT harnesses the power of SSO, wielding it as not just a productivity tool, but as a security tool as well. 

About the Author

François Amigorena is the founder and CEO of IS Decisions, a global software company specializing in access management and MFA for Microsoft Windows and Active Directory environments. A former IBM executive, François is also a member of CLUSIF (Club de la Sécurité de l’Information Français), a non-profit organization dedicated to information security.

Featured image: ©Putilov_denis