Tag Archive Single sign on

Avatar ByJayanthi

Identity management

Reading Time: 2 minutes

‘Identity management’ in some ways is an extension of the concepts of  access control and authentication. The current business environment is complex and getting more complex with time. There are numerous departments(like CRM, ERP and HR) and networks. There are hundreds of business users(like employees, customers and partners) constantly logging into systems and accessing different resources. Employees might also move onto different departments and they might also quit and move onto different organizations. How do we handle the huge responsibility of checking the credentials of the users, authentication them and authorization them? This is done by process of ‘identity management’.

‘Identity management’ involves the process of first identifying the user, authenticating the user and authorizing them to access appropriate resources in an automated way. ‘Identity management’ solutions have to handle the huge task of assigning access to  different users across multiple systems. They also have to make sure that the access is neither too restricted nor too broad.  ‘Identity management’ solutions also involves revoking the credentials of former employees so that cannot access the old resources again.


Advantages of IDM solutions:

In the earlier days, IDM solutions were manual, but with today’s complex business scenario, automated solutions are the need of the hour. IDM solutions offer these advantages:

  1. They increase the productivity in an organization(administrators do not have to spend time configuring the different settings for different users)
  2. Security in the organization is enhanced since users are given appropriate access and single-sign on is implemented

IDM solutions:

A number of organizations offer IDM solutions and here are a few of them:

  1. Computer Associates Identity and access management
  2. IBM Identity and access management
  3. Oracle Identity management

Seamless digital transitions in today’s business scenario is possible because of sophisticated identity management’ solutions. 

This post is for alphabet ‘M’ of the #Blogchatter challenge. The previous post can be found here.

Avatar ByJayanthi

Single sign on

Reading Time: 2 minutes

In the wake of the Facebook data breach that supposedly compromised 50 million accounts and other personal data last week,  it is but imperative to look at yet another aspect of ‘Information security’ – ‘Single sign on’.

What is ‘Single sign on’?

Remember, the time when you discovered a new website or app ? You had to register to get into the site. You were presented with these options:

                ‘Continue with Google’

                 ‘Continue with Facebook’

in addition to a lengthy sign up process. In a hurry to understand what the new craze was, you just signed in with your ‘Facebook’ or Google account information instead of going through the whole signing up rigmarole. This is ‘Single sign on’ wherein by just signing into Facebook or Google, you can access many other apps and sites with ease.

data breach

What is the downside of ‘Single sign on’?

It seems to be such an easy thing to do – just sign in with one account and we can access so many other sites with ease. So, what is exactly the problem? If you have signed into multiple accounts using Facebook or Google, when the main ‘sign on’  site gets hacked, it is quite a possibility that the other apps that use ‘Single sign’ on method of being authenticated would have their data breached too. 

So in essence, you are exposing the data related to all other apps to the hackers too!

How do we ensure the safety of our data in the wake of the breach?

Since there is nothing that is simple and easy in this world, single sign on comes with its own troubles. In case of the Facebook data breach, you would have definitely received appropriate messages and notifications if, your account was indeed hacked. In addition,it is  good to always:

  1. Check ‘Settings’  in ‘Facebook’ and check the devices and locations where you are logged in from. Logout from all of them and re-login with a new password.
  2. It is also good to login to each site/app with a separate login and password henceforth and give your memory a good workout! 🙂 (Seriously though, a password manager might be a good option to consider since it is difficult to remember multiple logins and passwords)
  3. It is better to try two factor authentication to prevent further data loss.

These security tips will hold good for some time before the next breach occurs!