ARCON is named a Leader in the 2021 Gartner Magic Quadrant for Privileged Access Management. Read More

x
ARCON | Single Sign-On (SSO)

Single Sign-On (SSO)

offers one-time seamless administrative access to disparate technology platforms

 

A pivotal component in the overall Information Security framework

ARCON | Single Sign-On (SSO)

Overview

All organizations, small or big, have a variety of applications that are accessed by different employees every day during different hours. The legacy approach to signing on to multiple systems required users to maintain multiple user names and authentication information like passwords, tokens, etc. System administrators used to manage user accounts within each of the multiple systems to be accessed in a coordinated manner to ensure security policies’ integrity.

Single Sign-On (SSO), is an access management capability decider that enables employees to access multiple disparate systems by just authenticating once. Whereas now with the SSO approach, when a user logs in for the first time, an SSO capability authenticates the user once, translates, and stores the authentication parameters. Whenever the user accesses any application, the SSO solution shares the credential as per the authentication mechanism supported by the application. ARCON | SSO offers a reliable integration for SSO to all the mobile applications and web applications, optimized for mobile platforms, with industry-standard SAML authentication and other modern protocols.

With ARCON | Single Sign-On (SSO), the user needs to remember one credential for logging into the SSO portal. Once logged in, all the applications which are assigned to the user will be displayed in the portal in a centralized manner. The general approach is to restrict as much as possible. As it is said, “close as many doors as possible,” - is led to a restrictive practice. All the investments made in automation, internet and technology, etc. to create efficiencies are now challenged. Thus, SSO prevents possible misuse of application accounts while helping to implement the principle of least privilege.

Key Features

  • Multi-factor Authentication
    User account access requires well-established identity references (validation) for accessing various applications. Multi-factor authentication (MFA) provides a robust validation mechanism.
  • Seamless Integrations
    Integration with App Web Browser helps to provide holistic security, reduce risk, and increase visibility. With the App Web Browser, users can access any web-based application. This allows Single Sign-on (SSO) for Browser applications.
  • Access Control
    User Access Control is a security feature, which helps to prevent unauthorized changes to the system. This allows to enable the user logon period, disable the user logon, session lockout, endpoint-based access, and to enable or disable the dual authorization factor for a user(s).
  • Self Service Portal
    This will ensure that the user will be able to raise a request for any application which is not yet assigned to the user. Post-approval, the application which is requested gets added to the list of applications in the portal.
  • Just-in-Time Access
    This feature helps in ensuring time-based access for any user be it an end-user, customer or any third-party vendor. Once the amount of time assigned to the user is over, all the rights and access are revoked without any manual intervention.
  • Password Management
    While configuring the service of an application, the user can set a complex password. This password can be updated manually by the end-user as well as can be rotated as per the defined policy. This also ensures proper synchronization across the network to prevent service disruptions.
  • Robotic Process Automation
    Robotic Process Automation (RPA) is the process of automating mundane tasks with ease, efficiency, and accuracy. ARCON PAM users can customize steps for any SSO activity with the use of RPA. It could be image-based control recognition, Shortcut keys, Control ID, etc.
  • User Provisioning and Deprovisioning
    This feature will not only provision or de-provision a user from the system but with the help of ARCON | SSO, will also provision or de-provision within the applications as well. This ensures a granular level of control to the administrator.
 

Benefits:

  • Ease of Use - Single User Credentials for all applications. Easier to remember and convenient to change periodically.
  • Better Security - Greater tendency to use strong passwords.
  • Toggle Functionality - When the organization would be using both, the SSO and the PAM, the user can easily switch between both worlds.
  • Single authentication system to maintain.
  • Easier Administration activities of adding, deleting, updating user
  • Enables faster development and release cycle.
  • Reduced time is taken to log into applications.
  • A limited number of credentials imply improved Security and controlled entry points.
  • Tends to reduce phishing as the user is used to seeing one screen for logging in.
  • Less Number of calls to Reset Passwords, and login Queries, user name blocks.