Why Single Sign-On (SSO) is the Way Forward for Business Security 

By Linda RoperMarch 30, 2022
Share:

We’re all familiar with the little pop-up window that shows up with our social identity credentials from services such as Facebook, Google+, LinkedIn, and Twitter, when we want to log into our various online accounts. Experts call this method single sign-on (SSO), and it is especially useful for apps, because it guarantees a seamless customer journey.

Image shows login or sign up screen for single sign onImage: ©canva.com

In this article we discuss, what is single sign on, what are the benefits of it and what platforms ExpenseIn integrates with.

What is Single Sign On?

In an age, where accessing cloud-based services is the norm, the question about digital security is more relevant than ever. Hence, most companies these days have a Chief Technology Officer whose role –amongst many other tasks – is to ensure that only authorised people have access to the technology resources they need to perform their jobs. The safest way to set up access to different software platforms which employees use on a daily basis is via single sign-on. According to One Login, one of the world’s biggest identity providers, “Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials.”

Single sign-on is provided by so-called identity platform providers such as Okta, who describes its service as “a modern solution for managing the identities of users and devices in a centralised fashion.”

Not to forget, 2-step authentication also known as 2FA and MFA (multi-factor) can be configured within the identity provider, meaning that even if the application itself does not support MFA, then this can still be enforced as part of the SSO authentication process. If you want to learn what 2-step authentication is and how it enhances your security, we’ve previously written a separate article on the topic.

How Does Single-Sign On Work?

Single sign-on automatically signs users in when they are on their corporate devices connected to your corporate network. When enabled, users don’t even need to type in their passwords to sign into their identity provider, and usually, even type in their usernames.

Benefits of Centralising User Authentication via Single Sign On?

  • Advanced user security: Stop inappropriate access and enforce the highest level of security to the software products your employees work with on a day-to-day basis.

  • Productivity: Reduce the stress of lost passwords and let your employees focus on their important tasks.

  • Compliance: Avoid data breaches and improve compliance to data protection regulations with single-sign-on features.

Which Identity Authentication Platforms does ExpenseIn Support?

ExpenseIn supports single sign-on (SSO) via SAML 2.0 and enables users to authenticate their identity with Azure, Okta, OneLogin, Google Cloud Identity and many more providers, giving them all the benefits of top-end user access management.

Setting up an identity provider for SSO with ExpenseIn is a one-off task. You must simply add the identity provider and associate it with one or more domains within Admin.  This allows the correct identity provider to be contacted for a particular email address being used for SSO.

Single sign-on providers Okta, onelogin, Azure and Google Cloud identity