Back to blog

Implementing Single Sign-On in the cloud? The Pros and Cons of SSO

Single sign-on (SSO) has gained widespread popularity among cloud users in recent years, due to the fast and convenient access it provides into IT systems in the workplace.

Of course, introducing SSO into your cloud environment can also create challenges and security risks that many IT teams struggle with.

Here, we compare the pros and cons to help you understand whether implementing SSO is a good decision for your own business.

CloudOpsBeta-white

The Pros of single sign-on (SSO) in the cloud

The main advantage of SSO is streamlined workflows for all users, and time saved for them by removing tedious, repetitive log-in processes.

In addition to that convenience and speed, SSO is generally considered to improve security in terms of employee habits and behaviour too.

For example:

  • Making it easier to use and remember stronger passwords, as only one is required
  • Allowing IT teams to enforce password policies more easily
  • Making it easier to leverage multi-factor authentication
  • Reducing time spent on lost or compromised password recovery
  • Reducing the time and cost of a busy IT help-desk
  • Enabling simple, consolidated storage and management of user credentials.

With a number of additional benefits specific to IT teams, and to organisations within highly regulated industries, SSO is an effective way of improving the overall efficiency of your workforce.

The Cons of single sign-on (SSO) in the cloud

However, as with any IT product or solution, you must also be cautious that there will be resulting challenges.

So, while SSO enhances ease of access to IT systems for users, and can have some positive impact on security, it also presents its own fair share of risks.

For example:

  • If a user’s lone set of log-in credentials are lost or hacked, every application and system available to that person could be compromised
  • Users must have extra-strong passwords, or you’ll be left vulnerable if there are weak passwords in place
  • If your SSO stops working, all your related sites and applications will be unavailable to your users
  • If your SSO provider is hacked, all your systems and applications will be highly vulnerable as well
  • SSO can also lock users out of every application in one go if a password is lost, forgotten, or compromised.

Furthermore, due to a lack of experience or a very complicated current infrastructure, SSO can be infamously difficult for many partners to successfully execute.

Finally, to avoid failure, remember to consider your complete infrastructure, including on-premise technologies, cloud deployments, third-party integrations, legacy systems, and anything else. Without complete integration, SSO may bring more long-term issues than it solves.

Still Undecided?

As with any IT product or solution, you should carefully consider all the potential risks alongside the benefits before putting anything in motion.

Take a thorough, strategic approach to planning and implementation, even if that means finding support from a partner with the necessary expertise to help you succeed.

To learn more, read our latest article here: How to Succeed with Single Sign-On in the Cloud