The Disadvantages of SSO

Disadvantages of single sign on. Well, one account, if we lose the one account, or the one account is compromised and that account has access to some privileged services, then we have a problem. It’s the keys to the kingdom, it’s the one account that has access to everything. We have latency issues, potential risks, and this goes to what we were talking about a few minutes ago in terms of immediate provisioning. So this depends on how we are provisioning, on how we are deprovisioning, and so there may be a risk here about the immediacy of that process, about how quickly it occurs. This can provide us with that strong, directory-based authentication for trivial access.

So it increases the strength of some of those line of business applications, but it can enforce potentially to high of an impact for very low levels of access. So if you require multifactor authentication within your directory service and you have low security systems, internet services then inherit that requirement for multifactor authentication, that can create problems. So a lot of business applications may be fine, but what happens if our IdP goes down? If we’re hooking systems together, we may have connectivity issues, and we’ve got a problem, then, with the complexity of our integration, and we need to make sure that our SSO solution is resilient.

So if the individual line of business system used to log you in locally, and that’s up and running, if we implement single sign on and we have a problem with the single sign on service or the connection between the cloud-based single sign on solution and the on-prem service, we may not be able to log in, even though that individual service is working fine. So lots of complexity here to consider.