Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
10 Things You Must Know Before Implementing an SSO Solution
1. 10 THINGS YOU MUST KNOW
BEFORE IMPLEMENTING
AN SSO SOLUTION
10 THINGS YOU MUST KNOW
BEFORE IMPLEMENTING
AN SSO SOLUTION
2. KNOW WHAT SAAS APPS
YOU HAVE
01
Map all the SaaS application used in
your organization
You may discover many surprises at this point:
● finding unused applications
● orphan ones
● and some you were not aware of
3. KNOW YOUR USERS
02
External and temporary users included
Do they need any special configuration? Does the
SSO provider allows you to set different settings for
external users? Can you specify expiry dates for
temporary employees?
4. WHICH SAAS APPS CAN
BE CONNECTED
03
Check for SAML 2.0 support by your
SaaS apps
SAML 2.0 is a standard for exchanging authentication and
authorization data between security domains. SAML 2.0 enables
web-based, cross-domain single sign-on (SSO), which helps
reduce the administrative overhead of distributing multiple
authentication tokens to the user.
5. Azure AD or G-Suite Connectivity
04
Have a single master of records for
your users’ identity
Your SSO of choice should be able to delegate your
authentication request to the relevant service.
6. AUTOMATIC PROVISIONING STRATEGY
05
Automatic provisioning allows you to simply add your
users to your SSO provider and the relevant group
Pay attention as automatic provisioning may lead to
uncontrolled license management.
7. UNDERSTAND THE HIDDEN COST OF SSO
06
Upgraded SaaS application plans may be double
than what you are paying today
8. MFA SIDE EFFECTS
07
Make sure to validate those aspects with your users before
rolling out MFA on those business applications.
Some SaaS accounts may have been used as shared
accounts, where more than one employee access
them. Enabling MFA on certain business applications
may block the access to those shared accounts.
9. CONFIGURATION TIME
08
Configure SSO for your SaaS application
is time consuming
What contributes to the configuration complexity:
● Upgrading SaaS application to the right plan - see point #6
● The configuration of each SaaS application is different, manual
and error prone
● Some users may find themselves locked out of crucial business
applications during the migration process. Make sure you
communicated well upfront and coordinate the change with the
relevant stakeholder well in advance.
10. SSO IS NOT A SILVER BULLET
09
SSO doesn’t replace your employees common
sense and best practices on keeping access to
SaaS apps secure
Make sure your employees make the best out of the SSO
solution you’ve provides and not blindly rely on it.
11. CONCLUSION
10
Implementing an SSO solution is no
longer just a nice-to-have tool
Keeping up with all the SaaS apps out there is just
impossible without the right tools.