SSO is a solution that allows a user to access different applications using a single credential (i.e. username and password), instead of having to key in different credentials for different applications. The service has become more relevant for business customers in the past couple of years in the first place due to the take up of, and even migration to, enterprise cloud applications. Secondly, not only is there a proliferation of bring-your-own-device environments, but also of “multi-screen access” to company applications and data using various devices – PCs, laptops, smartphones and tablet PCs – all of which need to be registered and authenticated in order to protect company assets (e.g. data, customer lists, prices, etc). Finally, another factor in the demand is the increasing number of companies with mobile workers and home-based employees, who need the same level of access to key company applications and data.
With this scenario, two main issues arise: how can a company protect its assets from data breaches and how can a company maintain an overview of the application usage of their employees to comply with audit requirements for specific industry regulations? For instance, companies in the healthcare industry in the US are required to submit annual audit reports as part of their compliance with the Health Insurance Portability and Accountability Act (HIPAA). The HIPAA regulation seeks to ensure that only the appropriate persons have access to specific information in a patient’s medical history and that adequate safeguards are put in place to protect the privacy of these electronic health and medical records. Under the HIPAA law, non-compliance with these audit requirements is fined.