In a dream you own a football stadium and you’re hosting a bowl game. You’ve sold out all the tickets online. Your stadium is the kind with entrances all around the building. And today is game day – great! But in this dream you forgot to hire any ticket-takers or security people – not great! So the people start showing up and begin pushing in from all directions. And now the mob is a mob, forcing its way to the stands and field.

Why do people line up to show their tickets to ticket-takers and put their phones in a bucket to pass security personnel? It’s not just to keep out those who don’t have a ticket – though of course that’s true. It also sends a message to attendees about behavior – this is an orderly, civil place here. Ticketing conveys a sense of privilege, exclusivity, scarcity and value. It also hopefully gives the visitors true safety – criminals maybe have to think twice. But those walk-through metal-detecting gates also convey to all attendees that the venue treats security seriously.

What Is Single Sign-On?

If on the web you’ve ever encountered buttons with a Google or Facebook logo to sign into a new site for which you don’t have email log-in credentials, you’ve seen a type of Single Sign-On. In simple terms Single Sign-On is one key that may be used to open many doors. In this standard web-use it increases the comfort people feel toward an unknown site and it prevents a user from having to remember many passwords.

Bryley’s implementation is also a single key, but it’s not only the key, it’s also the doorway into the applications and work the employee has been employed to do.

Single Sign-On authenticates the user and the session. Having a locked gateway solves similar problems to ticket-takers and security people at a sports venue: it provides proof of authorization while communicating secure, purposeful behavior.

Single Sign-On

The Single Sign-On interface, top, showing icons for software products that an employee can access. And below, a diagram showing the Single Sign-On interface as a gateway to everything an employee needs.

The World’s Got a Password Problem

The 2022 Verizon Data Breach Investigations Report showed about fifty percent of security breaches involve compromised credentials1. People are careless with passwords. Passwords get stolen in a breach. Sometimes we don’t change them (even after a known breach). Sometimes we reuse them. Sometimes they are ridiculously simple (password is still a very popular password [the fourth most popular in 20222]). Sometimes we think data theft is going to happen to somebody else. Sometimes we forget our passwords. Sometimes we use our pet’s name and post photos of the pet on Instagram. It’s also correct from a security-posture to keep a vigilant eye on the dark web to see if your employees’ credentials have been leaked, and then change the compromised passwords. Multiply these kinds of password habits and events by all your employees and the result is a nightmare to manage; there’s an inordinate number of IT tech support calls to reset passwords. Per TechTarget: Forrester Research estimates that the average cost of a single password reset done by help desks is about $70, while Gartner estimates that 20% to 50% of all help desk calls are for password resets3.

The World’s Got an Attention Problem

According to the Harvard Business Review 60.6% of employees admit that they rarely-to-never do even an hour or two of deep, focused work each day without distraction4. Georgetown Professor Cal Newport writes that deeply focusing on one task at a time is the key to productivity5. And to prove the state we’re in – attention spans have dropped by a quarter since the turn of the twenty-first century6. This, while the average number of applications (thanks largely to Software-as-a-Service) used by businesses has swelled to about 1297, it’s rarely necessary for every employee to access anything like 129 applications.

Adopting a Single Sign-On model like Bryley’s allows businesses to help employees be on-boarded efficiently – a subset of your business’ applications at-their-ready and only the Single Sign-On credential to know. And it allows employees to remain focused, by allowing admins to just assign application privileges to the employees that need those privileges.

MFA: The Key to Single Sign-On Security

Single Sign-On is a good idea for minimizing interruptions: employees won’t be bothered having to remember and enter a bunch of passwords. But you still need one key to open the door, one set of credentials (typically a password) to open the Single Sign-On portal. And if this single password gets compromised anything for which the user has permission is accessible at once to the credential thief. This is why Bryley advocates the use of multifactor authentication (MFA) with any Single Sign-On implementation8. MFA is a second or more check that the person logging in is really the person logging in. This is done by use of one-time tokens from an app on a phone, or by the use of USB keys (text messages or emails are often used – better than no MFA, but less secure).

Single Sign-On and MFA, Efficient and Secure

Like handing a paid ticket to the ticket-taker at an event, Single Sign-On gives your employees access to the work tools they need. And like walking through a security gate without sounding an alarm at an event, MFA is a second verification that whoever’s getting in has right intentions. This set-up is a formula for successful employee provisioning, that avoids the fraught system of several passwords and keeps your employees focused on their work. Your IT admins will be more productive, too – why waste a healthy percentage of your IT budget on resetting forgotten and compromised passwords?

Learn more about MFA and SSO for your organization

6; due to increased exposure to digital content as explained in Microsoft’s 2015 report – and exposure to digital content hasn’t lessened since 2015.
7 Okta, 2018
8 Bryley always advocates MFA.

  • List Title 1

  • List Title 2

  • List Title 3