Okta: single sign-on and the future of identity

So there used to be a time where you had to sign up for all of these services. And then you had to go through different policies for your password. And one of the ways that you could do that is that you can sign up, and use the same password everywhere. And so, let’s say, you use 10 different applications, and you’re using the same password for all of them. The problem that… Then you basically create 10 points of breach. If one of them gets hacked, you’re already hacked. And so the reality is that with a new, kind of more modern approach of single sign-on, where there is no real password exchange, it’s all about trust and certificates.

Then, if one of your applications gets compromised, none of the other ones are compromised. And that is a huge step in the right direction. Because the problem with the old traditional way of basically having all of these accounts, is that you’re leaving the security of all of those accounts to the user. That the user had to sign up for the services, and they have to select their password. And not only that, you also had to comply with the policy of that third party. So, you were basically letting the security be a responsibility of your user and your cloud provider, whatever cloud provider that is.

With single sign-on, and things like OpenID and SAML, you basically centralized through strong authentication. And then not only you’re taking that responsibility from them and basically putting it in a central place, but also in that central place you can enforce policy, you can enforce multi-factor authentication. So not only you make it better, but you also can add policy that creates even stronger authentication for those users. So you can say, “Now, to access this particular application, not only you don’t have to select your own password, but we can actually put it behind an MFA policy.” So now you can do strong authentication on top of that. So, at the end of the day it’s a huge, huge step forward. And I think the good news is that the industry is moving there. So our responsibility as a provider, following these single sign-on protocols, is that we need to make it very easy, and very convenient for people to just adopt it.

We have actually seen really, really great adoption of these new standards, and so we are basically contributing to the security posture being better for our customers. The customers do not have to care anymore. This just happens magically. You’re magically more secure. There’s nothing better than that.

