Salt and pepper. Peanut butter and jelly. Monday morning and a big pot of fresh coffee. Some things are just better together—like single sign-on and a password manager. Here’s why SSO + PWM = True Love.
It’s no secret that threat actors want your passwords. Employee credentials can let them easily burrow into your networks and access your data, whether it’s stored on premise or in the cloud. In fact, more than 80% of all hacking-related data breaches use stolen credentials or passwords, according to the Verizon Data Breach Investigations Report 2020.
Many businesses use single sign-on (SSO) technologies to help secure cloud-based web applications and Software-as-a-Service (SaaS) solutions. Trouble is, system administrators have learned that SSO alone cannot reliably protect employee credentials for every account, cloud-based or not. And threat actors know that. They understand that stealing employee credentials is a high-reward, low-effort way to break into corporate networks and pilfer data.
The COVID-19 pandemic has only made security more precarious as people work from home on unsecure equipment and without onsite supervision. In fact, more than half (53%) of respondents to a recent survey reported an increase in phishing attempts during the pandemic, and 30% said the attacks are becoming more sophisticated and successful.
Cyberattacks are also more financially crippling. The average total cost of a data breach caused by use of stolen or compromised credentials was $4.77 million in 2019, which is 24% more than all other types of breaches, according to Ponemon Institute and IBM Security. That cost has soared a whopping 77% over the last three years.
The security benefits of SSO and password managers
SSO provides a secure way for you to grant users access to multiple applications with a single set of login credentials per session. Once a team member logs in, they are authenticated for all SSO applications for which they have access—without having to remember, type, or reset passwords. That can result in fewer password-related help desk calls, which in turn can lower costs and boost operational efficiencies.
SSO is mandatory for specific business accounts, which gives you more control over mission-critical applications and platforms. At the same time, SSO reduces the number of credentials in use because the technology uses tokens, rather than passwords, for authentication. Fewer passwords mean fewer ways threat actors can break into your systems and networks.
A password manager provides a secure way to make sure that people use strong passwords across both work and personal accounts. The technology automates generation of unique, complex passwords and encrypts and stores credentials in a centralized location. As with SSO, password managers enable individuals to access all their supported applications with one master password.
The combined power of two
Separately, SSO and password managers bring a set of security capabilities that are critical to safeguarding user accounts and credentials. The real power, however, lies in the combination of the two. Here are six ways that integrating a password manager with SSO benefits businesses and even employees.
- Password managers can significantly improve an organization’s security posture by identifying and eliminating weak and reused passwords.
- IT gains greater visibility into all apps and services in use, and ensures that strong passwords protect unknown services or applications that employees may have installed themselves, a practice known as shadow IT.
- SSO and a password manager together can also increase storage capabilities. SSO is fully compatible only with cloud applications that support SAML protocols. If an application doesn’t support SAML, most SSO solutions will only store and manage usernames and passwords. Password managers, on the other hand, can securely store a range of digital information, as well as encryption keys and digital certificates.
- Integration of SSO and password managers can help ensure that allcredentials and metadata are captured and stored in the same central repository.
- SSO and a password manager together can reduce the number of credentials used, which, in turn, can limit the number of passwords that can be compromised.
- A password manager integrated with SSO can allow employees to manage their passwords through features like automatic password generation. As a result, employees will always have strong, unique passwords for new accounts and can easily replace old credentials.
Double the security
For many companies, implementation of a low-cost password manager represents a logical first step in securing user credentials and data. But password managers alone cannot protect all accounts and cloud applications across the business. To do so, you’ll need to combine password management with an SSO solution.
To learn more about how to integrate SSO with a password manager, read our latest white paper: Better Together: Why You Should Integrate Password Management and SSO