InfoSec-Specific Executive Development for CISOs and Aspiring Security Leaders.
Live Faculty-led instruction and interactive labs to build you and your team's InfoSec skills
Single sign on (SSO) tools offer many of the same SSO features and capabilities, but where they differ is in their overall stability, integration and ease of troubleshooting/support. This piece outlines issues to watch for when choosing an SSO provider,
as well as guidance for how to proceed.
When discussing identity, the topic often shifts to technology choices available – SAML vs. OAuth, AD vs. Ping vs. Okta, etc. However, the ultimate goal for any of these projects is to allow users to authenticate to a number of different systems
using a standard set of credentials and, once authenticated securely, gain access to a number of resources, whether those resources are all controlled by the same infrastructure or not. Federation is, at its core, a user experience project in which
the technology selected will – for the most part – be entirely transparent to users.
Selecting technology for SSO projects is particularly challenging because the technology selection process and user experience process do not directly align. For example, the technology selection must also address potential failure modes because when
a federation project fails, it results in users being unable to log in, not to just a single system, but to all systems.
When selecting a tech tool, consider three core areas:
Regardless of the decision your organization decides to go in, keep in mind the wider implications and evaluate more than the SSO feature set to ensure the change doesn’t adversely impact the business in the long run.
Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in connection with such information, opinions, or advice.
October 19, 2021
By IANS Faculty
Continuous compliance requires continuous monitoring and validation of controls in the environment, as well as integration with governance, risk management and compliance tools and platforms. Understand the processes, tools, stakeholders and focus required for a best practice continuous compliance program.
October 14, 2021
Learn how the DDoS threat is evolving and get a step-by-step playbook to ensure your organization is protected against DDoS attacks and has a response plan in place.
October 12, 2021
Uncertain how to secure your M365 environment? Our Faculty identify and explain the five primary areas of M365 that will provide the best security return-on-investment with the least user experience impacts.