What is Single Sign-On?
Single Sign-On allows employees or computer users to automatically gain access to a variety of online apps and services without having to remember multiple passwords. Effectively it acts as a technical go-between – meaning you only need to confirm you are who you say you are once. The alternative without Single Sign-On is to go through laborious password processes for every online tool each time you open it.
Single Sign-On is good from a privacy perspective because it means employees are less likely to write down or store passwords on their computer (or on paper!), because there are far fewer to remember. It’s also good for efficiency. Every time an employee forgets a password, they will be locked out of the systems they need and unproductive until the busy IT team has solved the issue.
While Single Sign-On reduces the issues of managing multiple passwords, it does also open-up the possibility that someone with bad intentions could gain access to far more data than they would have otherwise (if each application had different passwords). For this reason, it’s a good idea to add another security layer in the form of Multi-Factor Authentication (MFA). This might be a code sent to a verified user by text message, and it ensures that even if a Single Sign-On password is compromised, a cyber attacker still cannot gain access.
What does the National Cyber Security Centre (NCSC) say?
The NCSC is actively working to reduce organisations’ reliance on employees having to remember lots of complex passwords. It advises that organisations should adopt holistic approaches to security, by combining best practice robust security processes with additional technological defences. As part of this it recommends using Single Sign-On systems, in partnership with Multi-Factor Authentication.