What is the difference between the SSO approach of a vendor like Ping Identity and that of a provider such as Symplified?
Ping Identity Corp. and Symplified Inc. both provide third-party single-sign-on products. Their infrastructure services are very different, however, and hence provide different types of SSO.
Symplified SSO provides an end-user identity and access management, or IAM, offering. This service focuses on "front-ending" a number of applications located across multiple company sites. After going to Symplified's service portal and authenticating, end users are presented with applications from a number of company sites they are authorized to access.
Ask the Expert
Randall Gamby, SearchSecurity.com's resident expert on identity management and access control, is standing by to answer your toughest enterprise IAM questions. Send in your questions today! (All questions are anonymous.)
Ping Identity provides organizational single sign on. It sets up the agreements and protocols necessary to tie multiple authentications for a single company's application's back end. For example, a user logs into an organization's portal and authenticates against its server. If the services the user needs access to reside on another company's site, the organization routes his credentials to Ping Identity, which forwards them to the remote company's site; the vendor then validates the credentials and returns the data to the local organization for presentation to the user.
So, which vendor's offering might work best for you? If you provide support services to other online service providers where the end company's name is known, such as an online marketplace, then Symplified is likely the best choice. It can provide simple application programming interfaces (APIs) and the protocols needed to ensure clients can get to each independent site through a single authentication event. Because of the way Symplified works, however, users will have different application-level experiences based on the back-end companies they connect with.
If your organization wants to maintain a single corporate identity, provide a common user experience and mask the cloud service providers it uses, Ping Identity is in all likelihood the better choice. Ping ensures the "handshakes" required to tightly integrate an organization's providers to its applications while allowing a common user interface. This also means that it is important to understand which data is being returned, and need to map this into the application's interface.
Regardless of which is chosen, both vendors are capable of providing single authentication to the user.
This was first published in August 2012