Are you tired of trying to remember all the passwords for your various applications at work? Have you committed one of the cardinal sins of password safety – writing all of you passwords down or using the same password for all your applications? GASP! There is another way. Single sign on allows you to use one set of credentials for all your applications. While password safety is an important benefit to single sign on, it also speeds up the sign in process for your staff, ultimately increasing productivity.
In this blog, we’ll outline how single sign on works within Microsoft 365 and the benefits for implementing it at your business.
What is single sign on?
Single sign on (SSO) is an authentication method. It allows end users to sign in and authenticate for various applications with the same set of credentials. Trust is established between the authentication service and the application to enable the authentication service to provide the user’s SSO credentials, rather than the user creating and entering different credentials for every application they use.
Microsoft provides single sign on services through Azure Active Directory (Azure AD). By virtue of having a Microsoft 365 tenancy, you are creating a federated trust between the Microsoft 365 services and applications and Azure AD, which is the platform for authentication. Once SSO is enabled, users can authenticate with one set of credentials across all Microsoft tools and applications, as well as other cloud, software-as-a-service, and on-premises applications.
You can also purchase other third-party SSO solutions to implement at your organization.
What are the benefits of single sign on?
It’s easy to see the security benefits of implementing single sign on. Ensuring users only need to remember one password helps reduce the risk of stolen passwords resulting from writing them down or using the same password for multiple applications. SSO also implements additional security and authentication to help ensure your users are logging into secure and trusted applications.
There are several other benefits to an organization interested in implementing single sign on. Most importantly, using SSO helps decrease the workload on your IT department by limiting the number of password-related requests and issues that arise. It also streamlines the log in process for the end user, helping increase the overall productivity of your team.
How does single sign on work?
Broadly speaking, single sign on works by creating a trust relationship between the authentication application and the application the user is signing in to. This enables the application the user is signing into to recognize the credentials stored in the authentication application.
In Azure AD, there are several options for SSO; what you choose will depend on the application you’re integrating with.
Federation happens when SSO is set up between two authentication providers. Essentially, your browser sends a request to authenticate, which is routed to Azure AD. If the application is federated, Azure AD provides your credentials, which the app accepts as authentication.
Here’s a great video explaining how federation works: Authentication fundamentals: Federation.
- Password Authentication
When you enter your credentials for the application the first time you use it, Azure AD remembers these credentials for you and recalls them on your behalf the next time you use the application.
If you’re in the process of migrating to SSO, linked authentication provides a consistent experience for end users.
You can disable SSO authentication for particular applications.
Single sign on may seem like a simple feature in Microsoft 365, but it has big benefits. Not only does it add another layer of security to your organization and password process, but it also helps streamline your end user experience and simplify password-related requests for your IT department.
To take advantage of SSO in Microsoft 365, you’ll need licensing for Azure AD. Single sign on is just part of the identity protection suite offered by Azure AD, including multi-factor authentication and conditional access.
Establishing single sign on for your end users means one set of credentials for all your Microsoft tools and applications, as well as additional third-party applications. Ready to get started? Get in touch with us at regroove.ca – we can help!