What is Single Sign-On (SSO for enterprise)?

Understand the need for Single Sign-On (SSO) in the Enterprise

What is SSO (Single-Sign On)?

SSO (Single-Sign On) is the functionality that allows users to sign-in (authenticate) only once during a whole session, no matter how many applications are being accessed. They can then access their data transparently, without the constraint of retyping a new user name/password couple. Evidian Enterprise SSO performs the SSO functionality. The video shows a single sign-on that allows access to different applications with strong passwords for each application.

Why do enterprises invest in SSO?

Reinforce security and satisfy regulatory constraints with the Evidian SSO

By creating an obligatory passage point between a user and its applications, an organization can effectively control the accesses. Moreover, a log of these accesses and administration operations is kept centrally, which facilitates audit. Evidian SSO facilitates compliance with confidentiality, integrity and availability requirements.

Reduce operating costs with the Evidian SSO

Multiplying passwords, often for excellent reasons, reduces users’ productivity and the quality of work. But these "hidden costs" often have a visible side: up to 30% of helpdesk costs are due to lost passwords. This will be considerably alleviated through an Evidian SSO solution, with a return on investment that is easy to evaluate.

Open up an information system without risk to the outside world with the Evidian SSO

This demand is getting increasingly frequent: access to the web has become easy, yet employees still have problems accessing intranet applications from outside. Doctors who must consult some medical records, engineers on a work site, sales reps in their hotel: Evidian SSO allows transparent and secure access to web applications, even from outside.

The three architectures of Single Sign-On

Enterprise directory

SSO data is simply stored, in encrypted form, in the directory that already exists in most companies. For instance, the Active Directory base through which users’ access Windows. Therefore, you do not need to install any server or appliance. Your PCs are already configured to access the information, since they already access the directory. Deployment costs are reduced significantly.

SSO server

The information is stored on a server, for instance a Windows or Unix server, that is generally dedicated to this task. The client on the PC queries the server whenever necessary. This server is often duplicated for high availability, although cache mechanisms on the PC can compensate for temporary unavailability. Therefore, start-up costs must be taken into account: servers (but you can dedicate an existing server) and software installation. In a distributed architecture, the number of these servers may be high.

SSO appliance

It is just a variation of the SSO server solution: software and hardware are packaged together. Software-deployment costs are thus reduced. On the other hand, it is not possible to install the software on an existing server, which may increase the deployment costs. Finally, it is often impossible to add memory and disk on an appliance, unlike a server.

Evidian Enterprise SSO uses an enterprise-directory-based architecture. Experience has shown that this simpler solution is quicker to deploy, while maintaining the highest security level.

Evidian Products

Identity as-a-service

The best way to align your IAM and Cloud strategy

Learn more   >

Identity Governance and Administration

Control identities and rights to enable business transformation

Learn more   >

Web Access Manager

The central point of access to all your applications

Learn more   >

Enterprise Single Sign-On (SSO)

A single authentication for all applications using passwords

Learn more   >

Analytics and Intelligence

Detect Suspicious behaviour and improve governance

Learn more   >

Authentication Manager

Authentication Manager

Multi-Factor authentication framework for Windows

Learn more   >

Self Service Password Reset (SSPR)

Reset your Windows password online and offline

Learn more   >

SafeKit

The simplest hardware-independent high availability cluster

Learn more   >