Single Sign-On: Secure, Simple Hack Prevention

If you’ve been paying attention to business headlines, chances are you’ve heard of the latest crippling ransomware attacks. Small cybersecurity incursions have turned into major geopolitical and business failures—like the SolarWinds attack on US Government agencies, the ransomware demands that shut down the Colonial Pipeline, and the attack on JBS Meatpacking that slowed beef production around the world.

If you think your business is too small to attract the attention of ransomware thieves, think again. A new ransomware attack takes place about every 11 seconds, according to Cybercrime Magazine, and small and medium-sized organizations are just as likely to get hit as large multinationals. In fact, a recent report from Cybersecurity Ventures predicts that global ransomware damage will top $20 billion in 2021—more than 57 times what it was in 2015.

How are criminals able to get their hands on so many files and systems to ransom? In most cases, by coming right through your digital front door: your company’s login. Luckily, there’s one very effective way any company can fight back: single sign-on verification, run through a multifactor authentication system. It’s a tool so useful that it even gained a mention in President Biden’s recent executive order on cybersecurity. As an IT services provider specializing in small and medium-sized businesses, Integris strongly recommends SSO as an essential piece of any modern workplace. Let’s take a closer look at how it could work for you.

 

What is single sign-on (SSO)? 

Single sign-on (SSO) is an authentication service that allows your employees to sign in to your system using just one master log-in. From a user experience point of view, it’s the gold standard, allowing them automatic access to all the programs and services they’re signed up for, without having to verify their identity over and over again. Yet because it is run through multifactor authentication and requires one extra verification step, it eliminates the opportunity thieves have to impersonate users. So it often stops crime in its tracks.

And that’s important, because cyber criminals capitalize on small, innocent user mistakes. Employees often don’t realize that the guy sitting next to them in the coffee shop has a tracker on their Wi-Fi, recording their keystrokes as they log in. They don’t know that the fake email from the CEO had a link that downloaded log-in-stealing malware. While single sign-on is no magic wand that makes all cyber crime disappear, it does eliminate some of the most common and damaging entry points for thieves.

 

How does single sign-on work? 

Single sign-on works by using “secure tokens” that package all your data together in one sign-in. When employees want to sign on to your system, they type their password into your company portal. That portal then sends the log-in via a security token to an SSO provider. The provider looks at the security token, verifies it, and activates one extra layer of authentication. In most cases, it will send a log-in request to a security app on the employee’s phone, such as Duo Mobile. The app will ping the user, asking them to verify the log-in. Depending on the app, this verification could be a fingerprint, or hitting “yes” in a text, or tapping on a check mark. No more log-ins needed!

Regardless, the single sign-on app requires that your employees be logged into another device, like their phone, to activate the log-in to your system. This multifactor authentication makes it far harder for faraway thieves to hack your network. And most employees find single sign-on systems to be sleek, easy to use, and unobtrusive.
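
To make the token hand-off described above concrete, here is an added sketch in Python (not Integris's or any SSO vendor's code): a provider issues a signed token only after both the password and the phone approval succeed, and each application checks that token before letting the user in. The key, the function names and the `factors` field are assumptions made for illustration; real deployments use standards such as SAML or OpenID Connect with provider-managed keys.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key; a real provider uses managed keys, usually asymmetric.
PROVIDER_KEY = b"constructed-demo-key"

def _sign(body: str) -> str:
    mac = hmac.new(PROVIDER_KEY, body.encode(), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).decode()

def issue_token(user, app, password_ok, push_approved, now=None, ttl=300):
    """Provider side: issue a token only after BOTH factors succeed."""
    if not (password_ok and push_approved):
        return None  # a stolen password alone gets no token
    now = int(time.time()) if now is None else now
    # "factors" is a hypothetical field name used for this illustration.
    claims = {"sub": user, "aud": app, "exp": now + ttl,
              "factors": ["password", "push"]}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
    return f"{body}.{_sign(body)}"

def verify_token(token, app, now=None):
    """Application side: return the user name, or None if any check fails."""
    now = int(time.time()) if now is None else now
    try:
        body, sig = token.split(".")
        if not hmac.compare_digest(sig, _sign(body)):
            return None  # forged or altered token
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError, AttributeError):
        return None  # malformed token
    if claims.get("aud") != app:
        return None  # issued for a different application
    if claims.get("exp", 0) <= now:
        return None  # expired
    if "push" not in claims.get("factors", []):
        return None  # second factor was never completed
    return claims["sub"]

if __name__ == "__main__":
    token = issue_token("alice", "payroll", True, True)
    print(verify_token(token, "payroll"))
    print(issue_token("alice", "payroll", True, False))
```

The short lifetime and the per-application check matter as much as the signature: a token copied from one place is useless elsewhere and stops working within minutes.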

 

How to find out more: 

Want to do some deeper research on single sign-on?  Integris can help you do your homework with our two-factor authentication guide, develop a security strategy around SSO with our cybersecurity plan, and advise your employees with our blog on 9 steps to a stronger password. 

And as always, if you need a turnkey IT services partner to help install the proper security protocols in your organization, we’d love to help you! Contact us and set up a free consultation today!

Susan Gosselin is a Senior Content Writer for Integris. A career communicator and business journalist, she's written extensively on IT topics and trends for IT service providers like Iconic IT and ProCoders Ukraine, as well as business publications such as Technologyadvice.com, Datamation.com, The Lane Report and many others. Connect with her on LinkedIn.
