The security software on my home computer has an appreciated yet annoying feature that is intended to enforce password management upon me in spite of myself. Whenever I visit a new site that requires a password — and it seems all sites require passwords these days whether any financial transaction takes place on them or not — a warning flashes on my screen if I select a password that too closely resembles (or as is often the case, mimics exactly) a password I have already chosen for another site.
In spite of these warnings, using the same password — provided it is complex enough to avoid being hacked — makes sense. In a world gone password crazy, people need to use the same password repeatedly, if for no other reason than that trying to remember multiple passwords can be a logistical nightmare. This is particularly true for employees within an organization who may need access to multiple files or systems. There is no way an employee could easily manage a different password for each file or system, especially when the necessary complexity of those passwords — factoring in letters, numbers, spaces and special characters — makes them even more difficult to remember. The only way to remember that many complex passwords would be to write them down, which completely flies in the face of IT risk management compliance.
This is why single sign-on (SSO) — using a single password to access multiple applications — makes sense from an enterprise password management perspective. The burden of having to manage many accounts for each employee is removed because only one account for each employee needs to be managed. In addition, it prevents a flood of enterprise password resets and Active Directory password reset requests to the Help Desk or IT department. Even if an organization turns to a self-service password reset for its enterprise password management system, the automated password reset tool that is employed should create an SSO solution that yields identical passwords across the board for all systems to which that employee has access.
From a user perspective, it is considerably more convenient to sign on just once for access to all applications and databases rather than having to log on to each system separately. Single sign-on helps boost user productivity by reducing security-related tasks and can even improve employee morale by eliminating the irritation of having to remember multiple complex passwords.
However, just like other identity and access management projects, SSO and enterprise password management require preparation by an organization before they can be successfully deployed. This was a hard lesson learned recently by a Thailand-based educational tablet provider. As reported recently in Dark Reading, the company ran into problems integrating its SSO system with one virtual-school provider. This nearly put a major pilot program on hold. Getting the two password management systems to work together required a great deal of integration work.
In spite of this example, the market for SSO services and enterprise password management is expanding because companies are laying the tracks needed prior to deploying SSO technology. Those steps include:
- Identify the application(s) the organization wants to enable on SSO
- Record the logon process of each application
- Determine to whom access should be granted for each application
- Test SSO and maintain the SSO process as interfaces to web applications change
- Roll out SSO applications from the easiest to most difficult (e.g., internal web applications, then external web applications, then Windows 32-bit applications, and finally legacy or Java applications)
Following these steps helps organizations to integrate single sign-on enterprise password management, which leads to secure and efficiently automated access management. This makes SSO a “must have” to reduce costs, increase operational efficiency, manage risk and achieve regulatory compliance.