Enterprises have been increasingly implementing single sign-on in order to provide clients with an improved user experience. During the course of the day, an average user may access dozens of applications. Simplifying the process to a ‘sign-on once and done’ experience provides several benefits.
Advantages of Single Sign-On (SSO)
- Single Sign-On eliminates the need to remember multiple passwords.
- It allows automatic login to applications such as Microsoft Lync, SharePoint and corporate intranets.
- SSO reduces the risk of accidental account lockout, which in turn allows more efficient use of the company’s IT department.
Considerations when introducing single sign-on
- Strong password policies including complexity, age and history should be enforced, since the compromising of accounts would allow access to all applications and services.
- A balance has to be struck between ease-of-use and security for kiosk-based environments where multiple users access workstations (i.e., medical facilities). Configuring short timeouts and a frequent prompt for confirmation that the user is still active are typically needed.
- SSO can introduce the risk of a single point of failure for application authentication in the event of an outage. Precautions should be taken to ensure that high availability is in place to withstand a single instance outage or a catastrophic site failure.
SSO with KEMP LoadMasters and the Edge Security Pack
Historically, Microsoft Forefront Threat Management Gateway (TMG) has been used by a large customer base to provide SSO services. This product came to an end of sale in December 2012 with the end of mainstream product support drawing closer. Keeping this in mind, KEMP introduced the Edge Security Pack (ESP), which combines several of the core features in TMG that are most complementary to an application load balancer. Designed to provide a number of security-focused features, including single sign-on, ESP simplifies application publishing and helps reduce time to market for line of business applications.
Learn more about the KEMP Edge Security Pack at https://kemptechnologies.com/tmg-edge-security-authentication.