Who Uses Single Sign-On (SSO) Solutions?
Systems administrators: Systems administrators are responsible for deploying and managing a company’s SSO solutions.
Employees: Employees are end users of SSO solutions in a B2E use case to sign on and authenticate with the user portal to access their corporate accounts.
Customers: Customers are end users of SSO solutions in a B2C use case and sign in and authenticate using an identity provider, often a social media account, to access a business’ applications.
Business contacts: Companies may use SSO software to enable their business partners and corporate customers to securely authenticate and access the company’s assets, often with multiple identity providers.
Software Related to Single Sign-On (SSO) Solutions
Related solutions that can be used together with SSO software include:
Identity and access management (IAM) software: For employee use cases, IAM software offers broader identity solutions, of which SSO is often a part. IAM software authenticates users, provides access to systems and data based on company policies, tracks user activity, and provides reporting tools to ensure employees comply with company policies and regulations.
Customer identity and access management (CIAM) software: For customer use cases, CIAM software provides robust identity functionality. CIAM software enables businesses to centralize and manage customer identities, preferences, and profile information at scale while offering customers self-registration options.
Password manager software: Password managers are secure repositories that store individual user passwords, much like a vault. SSO solutions differs from password managers because SSO software provides authentication before granting a trusted token, not an actual password, for access to an application.
SaaS operations management software: SaaS operations management software tools enable businesses to manage, govern, and secure their SaaS product portfolios; many of these tools integrate with SSO solutions to manage user permissions.
SaaS spend management software: This software enables companies to manage SaaS utilization to identify cost savings. Many of these tools integrate with SSO software to manage end-user utilization of SaaS subscriptions.
How to Buy Single Sign-On (SSO) Solutions
Requirements Gathering (RFI/RFP) for Single Sign-On (SSO) Software
Prior to selecting an SSO software service provider or solution, buyers must consider what factors are important to the company, which may include:
End-user use case: Buyers must determine their end users—whether employees, customers, or business partners—to determine what kind of SSO solution works best for these constituencies.
Cloud vs. on-premises application support: The buyer should determine what applications and company resources will be connected to the SSO software. For applications that need high availability (24/7), they may not wish to connect those in case of downtime with the SSO provider. Many SSO providers offer prebuilt integrations with the most popular business software. If the business has applications that are custom-built, legacy, or on-premises, those may need integrations built to connect with the SSO. Another workaround would be to use a password vault within an SSO solution for legacy applications that are difficult to connect.
Federation protocols: If the organization needs to integrate with multiple identity providers outside of the organization, especially for authenticating business partners, FIM can achieve this. Federation protocols include SAML 1.1, SAML2, WS-Federation, OAuth2, OpenID Connect, WS-Trust, and other protocols.
Authentication type: The company should ensure that the authentication types its employees, customers, or partners will use are supported by the SSO solution of choice. This may include software or hardware-token-based authentication for employees and OTPs via email, SMS, or phone for customers, among many other authentication methods. Many SSO solutions now offer contextual or risk-based authentication measures to learn user behaviors, identify patterns, and thus provide risk-based assessments when the authentication process does not meet typical patterns.
Mobile app: If end users will access corporate applications from mobile devices, ensure the SSO software provider’s mobile app meets particular business needs.
Developer support: Buyers must ensure the SSO provider has the developer support the team requires, including software development kits (SDKs) and application programming interface (API) lifecycle management functions, particularly for B2C SSO use cases.
Meets security standards: SSO is a security tool providing users with authenticated access to their company resources. It is important that the SSO service provider meet security standards that are important to the company, which may include ISO 27017, ISO 27018, ISO 27001, SOC 2 Type 2, and others.
Compare Single Sign-On Software (SSO) Products
Create a long list
Buyers should create a long list of software solutions by researching on g2.com, by reading real-user reviews, seeing how vendors compare on G2 Grid® reports, and saving the software selections to “My List” to reference them in the future. Using g2.com, users can learn about which solutions are most often used in the geographic market and which ones are best for every business segment size—whether that is for small, medium, and enterprise businesses.
Create a short list
After creating a long list of vendors, buyers must do further research to narrow down the selections. Using g2.com’s compare feature, they can stack specific software up side by side to learn about how real users of the software rate their functionality. G2 also has quarterly reports showcasing users’ perception of return on investment (in months), the software provider’s average implementation time in months, usability scores, and many other factors.
Conduct demos
Up next is time to demo the products. Many vendors enable buyers to contact them directly from g2’s website by clicking the “Get a quote” button on their product profile. Buyers must prepare for each demo by having a standard list of questions and clarifications to ask each vendor.
Selection of Single Sign-On (SSO) Solutions
Choose a selection team
Single sign-on solutions impact users across the business—from employees, customers, business partners, IT teams, infosec teams, and more. The company’s software selection team should include people representative of these groups. They must start with three to five people to join the selection committee and clearly define project roles.
Negotiation
It is important to know how many licenses are needed, as pricing often depends on the number of licenses the buyer purchases and the length of time they purchase it for. Often buyers can get discounts if they purchase large blocks of licenses for a longer duration. They must be sure to negotiate not just on price, but also implementation. Companies may be able to get free or reduced implementation services or ongoing support, as well.
Final decision
Before making a final choice, buyers should check if they can get a trial run of the product to test adoption with a small sample size of users. If the tool is well used and well received, the buyer can be confident that the selection was correct.