November 4th, 2019
Subscribe to our blog and stay up to date
Single Sign-On (SSO) is an essential part of any organization’s security protocols. Businesses use it to relieve employees of password and credential fatigue, to save IT resources from doing countless password resets, and to mitigate damage in the event of a data breach.
SSO is a centralized access control system in which a trusted third party verifies user credentials. In such a system, users can move from application to application without needing to log in each time. Well-known SSO vendors include Okta, OAuth, and OneLogin. SSO vendors usually provide additional functionality like two-factor (2FA) or multi-factor authentication (MFA) .
In the consumer space, platforms like Facebook and LinkedIn offer SSO access into multiple web applications. Social platform SSO allows companies to attract new customers without forcing them to create new usernames and passwords every time they want to use a new app.
The benefits of SSO include:
SSO is an essential security requirement for any company that uses multiple SaaS applications and platforms. This means that SMBs—even those with just a handful of employees—need a centralized identity and authentication management system.
While news stories about data breaches often focus on large companies, the reality is that SMBs are increasingly becoming the victims. On average, a cyberattack costs a small business $200,000 and 60 percent of victims go out of business within six months following a data breach.
Most vulnerability exploits, password exposures, and phishing scams happen to small businesses that don’t have the security protocols in place to prevent these events or mitigate their damage. It’s much easier for hackers to take advantage of security gaps at startups and small businesses than at established enterprises.
While SSO is certainly not the silver bullet to prevent cyberattacks, at the very least it should be a part of a company’s security strategy. The cost of not implementing SSO is just too high to risk.
There is no single answer to how much SSO will cost. How much you spend will depend on some the following SSO business requirements:
When calculating the cost of SSO, you will not only need to factor in the SSO requirements of the vendor, but also the requirements of each individual application your company uses. Despite the growing awareness around data security and the known benefits of SSO, many SaaS vendors charge a premium to clients who want to manage access through a third-party authenticator.
For some SaaS vendors, the price increase from base to SSO-enabled pricing can be more than 5x. While most SaaS vendors offer enterprise volume discounts, they require companies to have hundreds, if not thousands of users, meaning that many startups will not have access to them.
It’s not as if these SaaS vendors are completely indifferent to security. Most have their own security and authentication mechanisms, so you might contemplate if having an SSO add-on is completely necessary.
In addition to preventing password fatigue and the other benefits mentioned earlier, SSO gives administrators more power to enforce security protocols most appropriate to their organizations. This includes requiring employees to use 2FA or MFA. Some SaaS vendors simply do not have that functionality in their products.
Small businesses should not have to compromise security in order to use a product affordably. If you are considering a product that charges a “tax” for SSO, do your research on the actual costs you’ll incur.
Through our clients, we have come to understand the delicate balance that SMBs tend to juggle between cost and security. Security comes first at Electric and we work with our clients to provide the most appropriate solutions for them.