Consider what happens when someone forgets their password or has it compromised without an SSO system in place. “As people reuse combinations of the same passwords everywhere, you pretty much have to reset passwords separately in all apps,” Cser says.
But with SSO, he points out, the user has to change their password only once. And IT departments stand to gain because the technology simplifies identity and access management overall.
“It reduces the cost of developing and maintaining authentication and coarse-grained authorization in business applications,” Cser says. Administrators have to integrate the app with the SSO framework only once, he says, “instead of developing a one-off, separate authentication solution for potentially hundreds or thousands of apps.”
Identity Management Solutions Make Access Easier
Access Boston is built around two solutions that automate identity governance and access authorization. SailPoint IdentityIQ is an identity management platform that integrates with the city’s human capital management system to allow Grozier’s team to quickly determine which employees should be able to access what resources. Once permissions are established, technology from Ping Identity facilitates user access and security.
“When you log in on the Access Boston page, you’re actually going through Ping,” Grozier says. “The platform is asking our central directory, ‘Is this username and password legit?’”
In certain cases, the system may require multifactor authentication. “If they’ve never logged in from that computer, it ensures they are who they say they are,” Grozier says.