Passwords typically form the first, and sometimes only, barrier to access for organisations. But, as the recent Skrill research highlights, passwords are a security risk.
If managing personal banking, shopping and membership passwords is a modern day nightmare, the enforced password mechanisms in corporate systems designed to keep the organisation secure can produce a similar headache.
Those requesting a certain number of letters / numbers and ‘special’ characters to be incorporated, don’t work. They often don’t comply with external provider’s mechanisms and this results in multiple complex passwords being created by an individual.
How are users supposed to remember such impersonal ‘words’? As it turns out, they don’t. Instead, they end up putting their organisation at risk by writing down or sharing with a colleague, Forgetting means they find themselves locked out of their corporate desktop, critical application, or third party service provider, leading to a drain on IT helpdesk resources.
This issue of ‘access amnesia’ has the potential to be further exacerbated as businesses increasingly look to cloud services such as Google Apps for email and document sharing.
Google Apps, especially Gmail, are a popular option for organisations making their first foray into leveraging Cloud-based Services. While the cost advantages of this model are compelling, businesses do not want to create a whole new set of accounts for their employees in the Cloud, or force their employees to remember more new, complex passwords.
Internet Single Sign-On (SSO) has been around for a while, but the increased need to access a wide variety of internal and externally hosted business applications means it come into its own.
It enables users to continue to use their own local accounts, logging into their computers as normal, but then seamlessly log into the cloud services. In this way, the user experiences a continuous link from the corporate system, such as their Windows login, into the cloud services, such as email.
The fact the passwords are encrypted and not sent out to, or stored, in the cloud reduces the security headache for the IT department and fortunately there are significant cost savings to this approach too. For example, SSO users are less likely to lose or forget their password, reducing the assistance required by IT helpdesks.
The research from Skrill highlights a very real problem that too many people can worryingly relate to. As more and more businesses look to the cloud for service provisioning, SSO should sound the death knell for passwords as we know them, and increasingly become the must have solution for secure and seamless access from both inside and outside a company’s boundaries.