Page 82 - Cyber Warnings

How context-aware security adds layers of protection to single sign-on services

By François Amigorena, CEO, IS Decisions


Single sign-on, to the user, is a godsend. No more wasting time putting in passwords to
individual sites or applications, no more trying to remember a fistful of different
username/password combinations.

To businesses, the benefits are also compelling. First, single sign-on improves staff productivity.
IS Decisions research found that complex IT security costs each individual employee 21.88
minutes every week, which equates to 182 days of lost productivity for companies of 250
people, and 21.9 days for companies with 30 people.

Single sign-on services help lower this figure, saving money for businesses. Secondly, single
sign-on means fewer help requests to the IT department from users who have forgotten their
login, which in turn means the IT team has more time to focus on other important work.

Such is single sign-on’s popularity that around 20% of people use their social media login over
traditional email and password logins for different applications.

Tom’s IT Pro argues that single sign-on services are a must for large enterprises, and Business
2 Community calls it a “hot commodity for businesses”.

However, while the drive for productivity is all well and good, it must not and cannot
compromise security.

Anything that makes your corporate systems less safe is not worth pursuing because, at the end
of the day, convenience is not more important than security.

Which is why the recent hack on password manager OneLogin is worrying. Attackers managed
to obtain the login credentials of users “served by our [OneLogin’s] US data centre” — and the
even more worrying part of the breach is that the perpetrators have the power to crack the
encrypted data they now have their hands on. This spells bad news for businesses…


Why single sign-on services are now vulnerable

The implications of an attack of this kind are serious. Consider this analogy — each individual
login is a troop on the frontline of security for the defence of the network. The more troops you
have, the stronger that frontline is.



82 Cyber Warnings E-Magazine – June 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
