Do you remember how during the 2016 U.S. presidential election, hackers attacked the Hillary Clinton campaign and the Democratic National Committee with spear-phishing efforts to trick users into providing their usernames and passwords to fraudulent websites?
As more and more organizations move to remote work, cybersecurity reinforcement and managing authorization has become one of the top requirements for SaaS platforms. Agility CMS provides several methods of authentication. Depending on how your organization works, you can easily match up your security requirements with Agility. Agility uses Auth0 as our authentication provider, so anything they can do, we can do for you.
What is SSO?
SSO (Single Sign-on) is a holistic, single login point where users enter one set of authentication credentials that grant access to a suite of other applications, regardless of the platform, technology, or domain used.
How does SSO work?
Users begin their SSO experience by logging into a gateway. Depending on the application, the look of this gateway can vary, but usually it has an option to login with Social Identity Providers (like LinkedIn, GitHub, Google, etc.) and an option to log in with you email and password.
Agility Sign On looks like this now:
With Auth0, users are redirected to a login page with username and password fields, and may include Social Identity Providers such as LinkedIn, GitHub, Google, etc.
From there, the users go through the following steps:
- User enters their master username and password
- The credentials are run through the Identity Provider (IdP) for verification
- The authentication server checks the credentials against the directory that contains stored data
- If the credentials check out, the authorizing server will set an SSO cookie
- Users are then redirected to the application they want to access
After that, users won’t have to enter any information on a login screen when launching any application approved by the SSO.
Instead, when users log in, the following will happen seamlessly without seeing the a login screen:
- The IdP checks if there is an existing SSO cookie;
- If needed, the provider updates the cookie; and
- The IdP returns an ID token with the users' identity information
- Finally, the IdP logs them in.
Benefits of Enterprise SSO
Think of it as using one key card to access all doors in the office building, instead giving to each employee an individual key for each office, board room, storage, parking level, elevator, etc. Seems beneficial, right?
1| Multiplatform Access
Teams with a single point of login are seamlessly provided with with multiplatform access. On average, employees use 13.4 applications. SSO gives teams ability to access all their platforms not only from the office, but home and mobile devices.
2 | Smooth user experience
SOO saves teams time and effort. Employees are not required to remember and store their numerous passwords and logins.
Enterprise SSO is the most secure authentication because your organization controls it. Your employees won't have to remember another username and password, and you won't have to worry about another security with an external platform. It saves time and reduces stress for your employees.
3| More Secure Passwords
Nearly 90% of people ages 18–30 use the same password_ across multiple accounts.
60% of people need to reset their passwords every 60 days — a practice that also costs companies an average $179 per employee per employee and is largely avoidable with SSO.
SSO prevents employees from creating unique, complex sets of passwords, reusing weak passwords, or keeping physical records of all passwords — which are inconvenient, time consuming and insecure.
Enterprise SSO with Agility CMS
Now your Agility CMS login is more secure - any rules you've set up as part of your security and compliance posture will automatically be enforced when you use SSO with Agility.
Your Agility users will authenticate with your organization's gateway, and then Agility will communicate securely with your systems to confirm the user's identity. Many companies refer to enterprise SSO as federated identities or enterprise federation. What it means is that you don't have to worry about duplicated users across all your system.
Agility provides enterprise SSO to Active Directory, LDAP, ADFS, OpenID Connect (OIDC), SAML, WS-Federation and more. If you're currently using one of those protocols, or if you're using the following systems, you can configure enterprise SSO with Agility:
- Azure Active Directory
- Google Workspace