Dec 30
Spirion Single Sign-On

We all use SSO in many ways such as when a user logs into their desktop, then opens Microsoft Outlook, Microsoft Lync, and other applications without providing additional credentials, this is an SSO process. SSO process is used for web applications such as Google, LinkedIn, Twitter and Facebook, all of which offer popular SSO services that allows you to log into one application and also the others using their social media authentication credentials.

Using SSO for an Enterprise process such as Spirion provides a great value to organizations.

  • A user only has to remember one password at all times.
  • Only required to occasionally enter credentials for Spirion and other systems, there's significantly less effort needed.
  • The back end SSO provider can capture logging such as user activity as well as monitoring user accounts. A desirable outcome of applications such as Spirion using SSO.
  • Reduces Risk by Minimizing Bad Password Habits.
  • The combination of a user ID and password is no longer a strong enough protection strategy to access an organizations most vulnerable information, SSO provides an additional layer to strengthen this process.
  • Many modern organizations such as government (DOD, NASA, etc.) and enterprises require SSO to protect access to web application access.
  • Extra security can be added to the initial single sign-on, for example requiring biometric authentication, or access via an RSA token or similar encryption device, independent of Spirion, but allows our product integration into these processes.

 

Because Spirion supports SAML Single Sign-On, many organizations can use the Microsoft MFA to push to devices for sign in. This industry standard protocol empowers customers to use their own Azure identity management system for authenticating users of the CenturyLink Control Portal.

Now, with the addition of the Require SAML for Login option provided by Control Portal, customers can force users to authenticate through their identity providers to enable additional identity management features like multi-factor authentication (MFA) and user provisioning. This way, the CenturyLink Cloud platform can provide flexible, standards-based capabilities while allowing an organization to keep the nuts-and-bolts of their IdM configurations in their pre-existing systems.

For more details and how SAML works in general and how to specifically setup an ADFS IdP for use with Control Portal, refer to Using SAML for Single-Sign-On.

Comments

There are no comments for this post.

 ‭(Hidden)‬ Blog Tools