When we engage with a new IT team and ask how they are currently managing user identities and access, more often than not, they simply point to a single sign-on (SSO) portal. This inevitably prompts a clarifying discussion around the meaning of SSO.
Many organizations see a positive impact from implementing an SSO portal and assume it is meeting all of their identity and access needs. And, while there is no doubt that SSO capabilities are an important part of any identity and access management (IAM) solution, a full-featured IAM solution has other, equally important features that go well-beyond the capabilities of an SSO portal alone.
While these two solutions do offer some of the same capabilities, SSO is really just a component of a larger IAM solution. After all, many SSO portals lack automated provisioning and deprovisioning, strong authentication, and full identity governance—all essential functions and capabilities of a complete IAM solution.
So, Who Can Benefit from an SSO Point Solution?
Companies with limited help desk resources, stressed by password-related issues, can experience much needed relief from an SSO portal. According to Gartner, Inc., 40 percent of all help desk support calls are for password resets. This influx of password reset requests drives up help desk costs and inhibits support staff from working on other, more critical issues.
With SSO, a single set of login credentials for the portal provides access to any resources integrated with the SSO portal, eliminating the need to remember login credentials for each application. This dramatically reduces password reset issues. In fact, the cost and time savings from self-service password management alone often pay for the system in under two years.
And this is exactly what SSO portal vendors highlight to get the check signed.
Most Organizations Need More Than SSO
In concept, this sounds great—simple, tangible benefits and a solution that offers concrete ROI. But in reality, this is not the complete story. Most organizations need more than what an SSO portal can provide. Of course, SSO portal vendors will never tell them that. It is up to these organizations to find out if they stand to benefit more from the comprehensive benefits of a full-lifecycle IAM platform.
Unfortunately, the vendor- and press-generated noise surrounding SSO has caused a great deal of confusion regarding what an organization really needs in terms of IAM. This noise leads people to believe that password issues are the bulk of their identity woes and can be solved easily by an SSO portal.
The fact is, most organizations have other challenges that they must address when it comes to managing user identities and access.