Best Practices with Single Sign-On

This checklist is designed to offer guidance to decision makers in enterprises, small and mid-tier organizations, government agencies or other organizations to assess single sign-on (SSO) systems, as well for SSO developers to ensure that they have provided is equipped to detect the possibilities of exchanging identification and authentication credentials.

This checklist will provide you with:

The most important metrics to consider
Making sure that your SSO system is fully SSO enabled
A handy matrix form for you to see what each vendor has to offer

Checklist for Single Sign-on Systems

Key Metrics	Does the SSO Support
Application Integration	On-premises On cloud Hybrid
Community Support	Employees Contractors Partners/Vendors Customers
End users or customers	Facebook Google
Password Vaulting vs True SSO	User enters username+password to access apps/sites User log-in for single time to access apps/sites
Open Standards	SAML OpenID Connect OAuth 2 WS-Federation
Mobile Users	SSO for mobile devices Work with various devices with SAML and MDM vendors MFA Authentication tool
Meet Security regulatory compliance	SOC 2 Type 2 ISO 27117 ISO 2701 ISO 27001 CSA Star Truste US Privacy Shield Skyhigh enterprise ready GDPR EU Model Contract Clauses NIST Cyber security framework Vendor penetration, network and bug tests
Disaster Recovery Availability	99.99% availability Across data centers located across regions Replication and redundancy across regions
High usability features	Single portal for apps Integration with different browsers Easy login process Easy app access process Users can reset passwords on their own
Enterprise access	Integrates with VPN Integrates with Wi-Fi for app access Endpoints integration with RADIUS and LDAP
Authentication	MFA Adaptive authentication Automated authentication X 509 based certificates
Authorization Management	RBAC access Provisioning and de-provisioning of user access in apps
Integration features	Seamless integration with in-house custom apps through API Seamless deployment of SSO without disturbing existing apps
Federation	Existing identity providers like Microsoft Active Directory (AD) Amazon AD LDAP Google directory Human resource management systems such as Workday, Sucessfactors
Password rules	Setting up of password when expires Set password complexity such as length, characters Reduce support tickets during expiration notifications MFA requirements for password resets if MFA issued
Developer Support -custom apps and third party systems	API support SSO registration SDK for major platforms and languages OpenID Connect
Compliance based reporting	External authorization to third party SIEM solutions Audit trails
User Behaviour Analytics (UBA)	Allow blacklist, whitelist of geo-locations and IP’s Set responses to high risk logins attempts Re-authentication to access certain apps with MFA tools
Data processing model	Where data identity is processed and stored

Having any doubts or want to have a call with us to know more about SSO ?

Contact us right now by clicking here, Sennovate’s SSO Experts will explain everything

on call in detail.

You can also write a mail to us at [email protected] or call us on +1 (925) 918-6618.

About Sennovate

Sennovate delivers custom identity and access management solutions to businesses around the world. With global partners and a library of 1000+ integrations, we implement world-class cybersecurity solutions that save your company time and money. We offer a seamless experience with integration across all cloud applications, and a single price for product, implementation, and support. Have questions? The consultation is always free. Email [email protected] or call us at: +1 (925) 918-6618.

Security Engineering

Managed

Advisory

Strike Team & SSSP