Streamline the authentication process by enabling reuse of authentication results across multiple systems thus enhancing user experience, reducing efforts from relying parties and strengthening security
Inputs
Organization policies
IT Systems
IT Change Management
IT Project Management
Activities
Design SSO
Deploy SSO
Maintain SSO
Optimize SSO
Outputs
IT Systems that reuse centralized or federated authentication
Indicators
SSO Deployment Level
SSO Deployment Ratio
Scopes
At the level of an organization entity, program or project, the process scope may be defined using the scope dimensions listed below. But at the organization level, the scope must be embraced holistically to effectively manage revocation risks and consider all of these scope dimensions .
User populations: permanent employees, contractors, partners, customers, consumers, authorities
Identity categories: humans, robots, processes
Principal categories: user accounts, technical accounts, service accounts
IT Systems (business applications, infrastructure, …)
Organizational scope (region, division, unit, …)
Risks
The deployment of SSO reinforces security, even though it may marginally increase risk in certain circumstances, e.g. when an identity is compromised (/wiki/spaces/QUOT/pages/76021898). This risk is typically offset by the concomitant implementation of MFA.