Single Sign-On
Single Sign-On Answers from the SSO Experts
Single Sign-On / Password Management
What Is Single Sign-On?
Single Sign-On (SSO) is a seamless user authentication mechanism that transparently provides privileged access to multiple systems, applications or networks after a single log-in. With Single Sign-On, users access web-based applications without logging in for a second time.
ROAM Single Sign-On is compatible with multi-factor authentication and allows for central auditing and detailed reporting of all activity.
For Single Sign-On, users only need to enter their ID/Password the first time they access the URL. The user ID and password can be stored, on a per URL basis, within the ROAM system (e.g., Outlook Web Access). This eliminates the need to remember multiple passwords when accessing multiple systems.
ROAM provides Single Sign-On capability to applications delivered through ROAM. Users authenticate to ROAM and can then access applications without logging on for a second time. ROAM provides basic http/https authentication for Web applications that support Basic Authentication. ROAM provides Single Sign-On into Windows environments (e.g., Windows Terminal Server, Windows Application Publishing, Citrix, etc.) and into Windows applications (such as those manufactured by Cerner, MEDITECH, Eclipsys, etc.) via the ROAM Gateway.
For Single Sign-On purposes, the user can manually store their Windows ID/Password in the ROAM platform. Users and administrators can manage and update their passwords with ROAM Password Management. Optionally, ROAM can capture the Active Directory or ROAM ID/Password pair at ROAM Login and store it into the encrypted ROAM LDAP. This user ID/password will then be used to authenticate the user into their windows environment when required to launch a windows application. This method also serves to enable auto login for Web sites, when authentication is available via a URL.
Why Choose Single Sign-On?
Single Sign-On improves user productivity. Users no longer have to rack their brains trying to remember multiple user names and passwords.
Single Sign-On improves support personnel efficiency as Single Sign-On frees support personnel from having to answer requests to reset forgotten passwords.
Single Sign-On simplifies administration. The ROAM Identity Manager makes it easy to administrate user accounts for Single Sign-On. The organization’s IT administrator uses the ROAM Identity Manager for user administration, setting authentication requirements, and managing account and password policies. To improve security and simplify the user experience, the ROAM identity manager provides for integration with Active Directory.
What are the Disadvantages Associated with Single Sign-On
Traditional Single Sign-On solutions can be complex, time-consuming, and expensive to retrofit to existing applications. AnyWare Group’s engineers are experienced at helping IT administrators set-up Single Sign-On for legacy applications through ROAM.
Implementing Single Sign-On can increase security risks. An unauthorized user could gain access to a user’s applications if the user walks away from the computer and leaves it logged on. Although this is always a potential security risk, with Single Sign-On, the risk increases because the unauthorized user is given access to all the user’s resources. With multiple logons, only one application is potentially compromised if the user leaves the computer unattended. Similarly, if a hacker should discover a user’s authentication criteria, Single Sign-On would give the hacker more opportunities to compromise systems. Both users and administrators must be vigilant to protect against these disadvantages so that everyone can benefit from the benefits of Single Sign-On.
|
| |
