SSO in the cloud
We recently deployed Okta at our company. You are going to have to wait a second while I compliment the deployment process. I’ve been working in IT seventeen years now and deploying software has always been a challenge. From the very moment you decide you need a product, until people are using the software, there are always a lot of challenges along the way. Watching a demo by an experience field engineer, and actually deploying the software are never the same. There is always training available, but it’s a separate process and doesn’t always mirror the approach or idea you had for deploying the software. Okta’s process for training and deployment meshed together well, and helped to make the deployment run smoothly. They require you to watch a few training videos and then they walk you through the deployment process. This teaches you how to configure Okta and also lets you ask questions and learn the software in your environment. It was a very painless experience.
Okay, thanks for bearing with me through that. Now I want to get to what this article is about. I have been working in SMBs for most of my career. I started my IT career at a startup in the height of the dot com boom and have been working in small and medium businesses ever since. My views because of this, are all exclusive to this market. I know people that work at large enterprises and they have different sets of issues. So I’m going to stick to SMB. The issues at most startups and medium size businesses is that you are working on a very tight budget and you have to use the tools provided to you by the software companies you are using.
Before the cloud was big, most software would tie in to Microsoft’s Active Directory for identity management and single sign on. This worked out well. You would deploy the software and then hook the software into Active Directory and your employees only had to remember one username and password.
With the proliferation of cloud based software, identity management has became a huge headache. Most of the systems do not tie in directly to AD, so each system has its own database of users and passwords. Along with that each of them have their own roles and permissions that you need to assign.
There are tools like Lastpass and 1password that help with this for keeping track of the passwords for people, but on the IT side you now have to go through a list of software to create the accounts and then when the employee leaves to de provision the account. This is very time consuming, and is prone to error. Even with checklists, things will get missed.
Okta is a single sign on product, known as SSO. The idea here is that your employees should be able to login using a single username and password and they now have access to all of their required software.
There is even a tie in to Active Directory if you want to use that as your core system. You can manage the accounts the same way you always have.
The problem comes in when you want to use SSO in the way it was meant to be used. No all cloud vendors offer SSO and a lot of the vendors that offer it, don’t offer it on the lower priced tiers of their software.
For a lot of the vendors you need to be using their most expensive tier. Most of the time they label this tier as enterprise.
There is a lot of talk in all industries about security, and most companies will tell you how serious they take security. If that’s the case, why is something that should be included in any software marketed towards a business, often added at the highest priced tier. The result of this is that a lot companies will forgo SSO.
Then there are the cloud based companies that don’t offer SSO at any price point.
Either way this is an issue. Account management is one of the most critical pieces of any software usage.
Okta isn’t the only vendor offering this, and I believe all companies should be looking into some form of identity management.
The underlying mechanics of getting SSO to work correctly is an industry standard and does not need to be specifically geared towards any one vendor. The company offering the software just needs to take the time to set it up.
All cloud software vendors need to offer SSO and they should offer it at the first level geared towards businesses.
Not only will it help your overworked IT team, but it will also make the experience of the people using the software that much better.