What are the pre-requisites/necessary technology components required to implement single sign-on (SSO) in an o...
There isn't a cookie cutter set of requirements or components for implementing single sign-on (SSO) in an organization. It depends predominantly on two things: the size of the organization and the risk levels of the different systems that would be enrolled in the SSO set up.
Besides that, SSO comes in different flavors and varieties such as a set of software modules or as a hardware appliance. Again, it all depends on the size and business needs of the organization.
As a general rule, however, every SSO implementation should have the following: an inventory of systems, a needs analysis and a deployment schedule.
Before setting up an SSO system, it's important to know what systems are in place, what type of authentication they require and what directory services they are using. One purpose of SSO is to knit together diverse systems. So, a good SSO system should be able to work with both Active Directory and LDAP, as well as handle the different types of authentication systems in the environment. The other thing to consider is whether the organization needs SSO strictly for network access or for Web access as well.
Next, conduct a needs analysis to determine which systems should have SSO access. Which systems are being accessed the most frequently by users? Are they a mix of Web applications or network systems? This will determine what technology components are necessary for SSO implementation.
Lastly, it's necessary to put a deployment schedule in place. Users have to get accustomed to the SSO system. A roll out should be in phases, so that if something goes wrong, or employees are having difficulty, it won't take down the entire access management infrastructure at once.
The key components of an SSO depend on whether it's a software or hardware implementation. For a software-based implementation, such as with IBM's Tivoli, dedicated servers are required to run the system. Also important are development resources to tweak and customize the packages to the organization's specific requirements.
For a hardware-based implementation, such as with Imprivata Inc.'s all-in-one appliance, the product must be compatible with the network architecture.
- Learn more best practices for implementing SSO.
- Interested in keeping up the IAM trends? Read this tip from a security expert.
Dig Deeper on Single-sign on (SSO) and federated identity
Related Q&A from Joel Dubin
Ensuring authenticity of online communications is critical to conduct business. Learn how to use a public key and private key in digital signatures ... Continue Reading
Learn about the purpose of CAPTCHA challenges that enable websites to differentiate bots from authentic users to stop spammers from hijacking forums ... Continue Reading
Proper planning is at the top of the list for single sign-on best practices, but it's important to get enterprise SSO implementations off to a good ... Continue Reading