Leaving the key under the doormat? SSO can fix that

Single Sign-On gives employees secure access with minimal hassle


When what’s important is at stake, should you make it easy for criminals?

At the very least, the current AI-dominated climate has made attacks more relentless and deceptive.

That means the fundamentals of security need to be in order. If your employees have questionable password practices, such as easy-to-guess or reused passwords, or changing passwords only the bare minimum, or if they are using vulnerable SMS texts as the second security factor, you should consider Bryley’s Single Sign-On (SSO) offering, which has been showing high adoption because it’s easy to use with a simple interface.

And who has the fundamentals well in hand? Large organizations. This means that criminals looking for an easy entry point and a quick score look first to smaller organizations. It’s why organizations with fewer than 1,000 employees get attacked four times as often as large corps, per Verizon’s 2025 Data Breach Investigations Report¹. And the main entry point is usually an employee responding to a convincing email, which often leads to credentials being stolen. A good version of multifactor authentication (MFA) seals off the damage that can follow from compromised credentials.

Also per the Verizon report, stolen credentials are the most common attack vector. The main issue is employees using less-than-ideal passwords because they think ‘who’s going to attack us?’ It is counterintuitive (‘we’re insignificant!’), but the data show the opposite is true, and it does make sense: the easier the pickings, the more frequent the attacks. And not only is a breach expensive – over $100k on average for a small business – but the downtime needed to restore a system to operation can be an expensive waste of time.

SSO as Bryley deploys DUO's

Name and password are entered by the employee. Notification is sent to the matched DUO app on a device. Every tool the employee needs is unlocked for their use.

Single Sign-On secured by strong MFA

Single Sign-On is a great and simple idea. Without it everything an employee tries to access has its own password. Passwords are easily compromised, so the more of them floating around, the more potential entry points for an attacker. SSO reduces this to one.

‘One? Isn’t that a bad idea? One leaked credential and the attacker has everything?’ Before SSO your employees had a dozen passwords. Some were reused. Some were easy to guess. Some were taped to a computer screen. Some hadn’t been changed in years. Each of these is a door that might get opened. You had twelve possible points of failure.

But SSO with MFA replaces those twelve points of failure with one locked and dead-bolted door. The password is the first factor. Yes, that is vulnerable; it can be stolen. But MFA is the second factor — and it requires physical possession of the employee’s enrolled device. An attacker with the password but without the device goes nowhere. That combination — a login plus a second physical device only your employee has — is more secure than the alternative most businesses are running right now.

Overcoming resistance by design

Maybe for your organization the reason MFA hasn’t been adopted is its execution. Poor interfaces created resistance. Besides Cisco’s reputation for secure solutions, Bryley selected Cisco’s DUO because it has a simple-to-understand and simple-to-use interface. When a new tool doesn’t create friction, but instead lessens the burden of password practices, adoption follows.

Fulfilling compliance

The decision to have MFA in an organization is not as optional as it once was. NIST SP 800-171, the basis of many compliance frameworks (including CMMC) and cyber insurance qualification, requires an MFA implementation.

Implementing now, on your terms, with a platform chosen because of good adoption, is usually a better deal than doing it in reaction to a contracting officer’s, insurer’s or auditor’s demands.

Passing the ball back to you

MFA may have felt like a burden before. Did employees have different MFAs for different accounts? Did employees have too many passwords to manage easily, and so grow lax about good protocols? These are chief reasons Bryley has decided to use DUO now – one strong and simple solution.

Bryley’s staff is here to advise you in achieving security that your staff will get on board with. To speak to Bryley’s Roy Pacitto, please complete the form below. Or you can email Roy at RPacitto@Bryley.com or reach him by phone at 978.562.6077 x217.

1 https://www.verizon.com/business/resources/reports/dbir/
