Bring me a password. Now bring me another and another ...

Single sign-on authentication can eliminate user and administrator headaches

Chew on this statistic: Worldwide spending on identity and access management reached almost $3 billion in 2006, according to a 2007 IDC study of the authentication technology market. That's $3 billion to bridge the Internet Age moats around our castles, but it does not include the cost of aspirin for headaches that password issues cause network administrators and users alike every year.

There is, however, an emerging set of solutions that can reduce the pain of password management: single sign-on (SSO) technology allows a user to have one password that provides entry to a system and then manages all of the application authentications seamlessly and transparently. Better yet, SSO offers some relief – even some advantage – to network administrators who support multiple password-protected applications.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Chew on this statistic: Worldwide spending on identity and access management reached almost $3 billion in 2006, according to a 2007 IDC study of the authentication technology market. That's $3 billion to bridge the Internet Age moats around our castles, but it does not include the cost of aspirin for headaches that password issues cause network administrators and users alike every year.

There is, however, an emerging set of solutions that can reduce the pain of password management: single sign-on (SSO) technology allows a user to have one password that provides entry to a system and then manages all of the application authentications seamlessly and transparently. Better yet, SSO offers some relief – even some advantage – to network administrators who support multiple password-protected applications.

The SSO effect on money and time

As small and midsize businesses (SMBs) grow, so do the number of applications that require user authentication. This is usually driven by sensible concerns about confidentiality and protection of sensitive data, such as customer information or company financial information. In highly regulated industries, such as financial services and insurance, CDW has seen organizations with as many as 30 applications that require user authentication.

IT help desks can potentially spend hours on password resets. In fact, according to IDC, 40% of help desk calls are for password resets, and the price of password reset calls can accrue to astronomical sums, costing up to $50 per reset. To put the costs in perspective, if each user in a 500-person enterprise makes four reset calls each year, the company may spend $100,000 annually on resets – and they may avoid all or most of that by implementing a secure SSO solution. In many companies, that is at least the cost (in salary and benefits) of one experienced IT professional.

The objective of SSO is to avoid the hidden costs of flawed "human software." It is simply easier for any user to remember one password instead of several. If users forget passwords, not only does the help desk have the burden and expense of a password reset, but there can be a substantial period of time where users will not have access to the application they need, wasting still more time and money.

Auditing and Compliance

In addition to reducing user and network administrator frustration, SSO solutions can help alleviate the increasing challenges of compliance with corporate governance or regulatory measures such as the Health Insurance Portability and Accountability Act, the Gramm-Leach-Bliley Act, and the Sarbanes-Oxley Act. With SSO authentication, organizations can easily identify and catalog security breaches, and fewer passwords mean fewer records to keep, reducing the manpower that companies spend on regulatory compliance each year. This is becoming an important consideration, as Gartner predicts that the number of regulatory requirements directly affecting IT operations is expected to double in the next few years.