Skip to content
IDENTITY SECURITY

Best Practices with Single Sign-On(SSO); Assess You Organization Readiness

3 MINUTES | JULY 30, 2019
Table of contents
This checklist will provide you with:
This checklist is designed to offer guidance to decision makers in enterprises, small and mid-tier organizations, government agencies or other organizations to assess single sign-on (SSO) systems, as well for SSO developers to ensure that they have provided is equipped to detect the possibilities of exchanging identification and authentication credentials.

This checklist will provide you with:

  • The most important metrics to consider
  • Making sure that your SSO system is fully SSO enabled
  • A handy matrix form for you to see what each vendor has to offer

Checklist for Single Sign-on Systems

 
Key Metrics Does the SSO Support
Application Integration On-premises
  • On cloud
  • Hybrid
Community Support
  • Employees
  • Contractors
  • Partners/Vendors
  • Customers
End users or customers
  • Facebook
  • Google
Password Vaulting vs True SSO
  • User enters username+password to access apps/sites
  • User log-in for single time to access apps/sites
Open Standards
  • SAML
  • OpenID Connect
  • OAuth 2
  • WS-Federation
Mobile Users
  • SSO for mobile devices
  • Work with various devices with SAML and MDM vendors
  • MFA Authentication tool
Meet Security regulatory compliance
  • SOC 2 Type 2
  • ISO 27117
  • ISO 2701
  • ISO 27001
  • CSA Star
  • Truste
  • US Privacy Shield
  • Skyhigh enterprise ready
  • GDPR
  • EU Model Contract Clauses
  • NIST Cyber security framework
  • Vendor penetration, network and bug tests
Disaster Recovery Availability
  • 99.99% availability
  • Across data centers located across regions
  • Replication and redundancy across regions
High usability features
  • Single portal for apps
  • Integration with different browsers
  • Easy login process
  • Easy app access process
  • Users can reset passwords on their own
Enterprise access
  • Integrates with VPN
  • Integrates with Wi-Fi for app access
  • Endpoints integration with RADIUS and LDAP
Authentication
  • MFA
  • Adaptive authentication
  • Automated authentication
  • X 509 based certificates
Authorization Management
  • RBAC access
  • Provisioning and de-provisioning of user access in apps
Integration features
  • Seamless integration with in-house custom apps through API
  • Seamless deployment of SSO without disturbing existing apps
Federation
  • Existing identity providers like Microsoft Active Directory (AD)
  • Amazon AD
  • LDAP
  • Google directory
  • Human resource management systems such as Workday, Sucessfactors
Password rules
  • Setting up of password when expires
  • Set password complexity such as length, characters
  • Reduce support tickets during expiration notifications
  • MFA requirements for password resets if MFA issued
Developer Support -custom apps and third party systems
  • API support
  • SSO registration
  • SDK for major platforms and languages
  • OpenID Connect
Compliance based reporting
  • External authorization to third party SIEM solutions
  • Audit trails
User Behaviour Analytics  (UBA)
  • Allow blacklist, whitelist of geo-locations and IP’s
  • Set responses to high risk logins attempts
  • Re-authentication to access certain apps with MFA tools
Data processing model
  • Where data identity is processed and stored

Having any doubts or want to have a call with us to know more about SSO ?

Contact us right now by clicking here, Sennovate’s SSO Experts will explain everything

on call in detail.

You can also write a mail to us at [email protected] or call us on +1 (925) 918-6618.

About Sennovate

Sennovate delivers custom identity and access management solutions to businesses around the world. With global partners and a library of 1000+ integrations, we implement world-class cybersecurity solutions that save your company time and money. We offer a seamless experience with integration across all cloud applications, and a single price for product, implementation, and support. Have questions? The consultation is always free. Email [email protected] or call us at: +1 (925) 918-6618.

Related Articles

Outages Are Inevitable
Identity Security

Outages Are Inevitable. Prolonged Downtime Is Not.

Most organizations treat outages as rare disruptions. In reality, they are operational inevitabilities in a...

Learn more
New Security Perimeter
Identity Security

Identity is the New Security Perimeter

Learn how identity-first security helps organizations strengthen access control, reduce cyber risk, and support Zero...

Learn more
Identity Security

The Coming Collision Between Identity Automation and Human Oversight

Identity is moving faster than the people responsible for it. In most modern environments, access...

Learn more