This document discusses single sign-on (SSO), including its pros and cons. It outlines different SSO standards and categories, such as network-based and federated SSO, and who typically owns SSO implementations. It notes that while SSO provides benefits like a consolidated user experience and cost savings, it also presents challenges: it is a large effort, requires flexibility, and creates a single point of failure. The document discusses how SSO requirements can be complex because of the variety of user types, application types and other factors. It concludes by examining trends such as the move to APIs, cloud and mobile, and users wanting more options, and provides examples of SSO challenges in different industries.
SSO_Good_Bad_Ugly
1. Single Sign-On (SSO): The Good, The Bad & The Ugly
Steven C. Markey, MSIS, PMP, CISSP, CIPP/US, CISM, CISA, STS-EV, CCSK, Cloud+
Principal, nControl, LLC
Adjunct Professor
3. • Presentation Overview
– SSO
– Pros & Cons
– Where Do We Go From Here
– Examples
SSO: Good, Bad & Ugly
20. • Where Do We Go From Here:
– Drive for Cost Savings
– Common Standards = Options
– Apps → Web APIs
• Legacy Apps Will Still Be Around
– Cloud & Mobile SSO Requirements
• Blurring Work / Personal Differential
– Users Want Options
• Customers & Suppliers
• Self-service
24. • Examples:
– Financial Services
• ICE / NYSE: Multiple M&As, Large Portfolio of Apps
– Higher Education
• Traditional / Online: Vendor Reliance
– Healthcare
• HITECH / PPACA “Obamacare”: Digitizing Medical Records