Well, some have. No doubt many more have looked at the idea, then looked at their patchwork quilt of an infrastructure and decided that the whole thing is just too complex, too costly, or both. Consequently, even though single sign-on has been in our thoughts for many years, for many it is still a dream, along with the "paperless office" and other such worthy innovations.
It need not be like this. There are tools available which would enable even large and complex infrastructures to implement a single sign-on strategy towards secure application access. One such tool is SecureLogin Single Sign-On from Protocom. Indeed, we had a look at this product once before in 2002, but it is worth revisiting, especially in light of other developments around token technology and biometrics, where several such products come close to offering this functionality.
Conversely, Protocom also offers the ability to work with tokens and biometrics via its Password Management Suite, of which single sign-on is a component (the others being advanced authentication and self-service password reset).
Of course, from a practical perspective, one of the concerns of potential users will be the often varied and colorful infrastructures referred to earlier, which seem to spring from a corporate well of departmental developments, good intentions and a desire to try to keep up with the crazy pace of IT. This often results in a mix of operating systems, network methodologies, hardware and applications all coexisting within the enterprise.
Simply keeping track of all this is hard enough, let alone implementing a coherent single sign-on system across it. Protocom understands this reality and this product is compatible with a broad range of Unix and Windows platforms, including legacy 16-bit Windows as well as various LDAP directories.
As Protocom points out, with the rise in e-commerce and web-based services, a coherent approach to user authentication is becoming increasingly important. The solution must be secure and the SecureLogin Single Sign-On product encrypts user credentials accordingly, ensuring that only the users themselves are able to access this information.
Such a solution should also be intuitive and easily understood by all concerned in order to reduce password-related helpdesk calls.
With the credentials stored both in the directory and locally, operation can be relatively seamless to the user, whether or not they are connected to the network. Such a setup can thus support standalone usage, roaming within the campus and remote access, depending upon specific requirements. SecureLogin Single Sign-On utilizes scripts in order to provide login information and automate the login process for virtually any application.
When using SecureLogin in standalone mode, prompts appear when accessing applications which need password authentication, enabling you to easily add these to your portfolio of managed applications. In turn, these can be managed by the administration tool.
Alternatively, administration can be managed at the server level via the SecureLogin Manager MMC snap-in.
In addition, the Terminal Launcher application allows sign-on to hosts which require an emulator (such as mainframes), while various components provide interaction with internet browsers, Lotus Notes, and so on, and a variety of pre-built scripts facilitate login to various popular applications.
All in all, Protocom seems to have most bases covered and this is, of course, exactly what you want to know if you are a busy systems administrator charged with investigating a single sign-on approach within a large corporation. In this respect, it is worth trawling through the extensive Protocom documentation in order to work out exactly which platforms and components are supported and how it all fits together.
Considering the precise nature of your own infrastructure, the task might not be particularly easy, but this must be balanced against the very real benefits offered by a well-conceived single sign-on approach.
Getting away from multiple password hell and the associated support costs is a goal worth pursuing for everyone concerned, and SecureLogin Single Sign-On represents a major step forward.
Implementing a single sign-on approach on a large scale, as might be necessary for a large corporation or government agency, will naturally involve a certain amount of investigation and deliberation. This is, after all, hardly a plug-and-play type of development.
However, the provision of well-conceived tools such as SecureLogin Single Sign-On make such a development entirely realistic.
Throughout testing, everything worked as expected and both installing and uninstalling the product was error free. It is time that you took a fresh look at the single sign-on concept. With tools such as Protocom's SecureLogin Single Sign-On readily available, the idea need no longer be just a dream.
Good documentation and overall conception.
Very little, but it still requires thinking through.
A comprehensive and well-considered approach to a perennial problem.