The Hidden Costs of “Free” Single Sign-On

December 9, 2019

Single Sign-On (SSO) is a powerful tool for delivering immediate access to educational technology resources. With just a single set of credentials, students and staff can access all the applications needed for their day-to-day teaching and learning activities from one central portal. However, without the back-end infrastructure to fully automate account provisioning and resource rostering, SSO alone is no match for your district’s identity management demands.

As more and more school curriculum goes online, it’ll become more difficult for internal resources to manage all the applications a district requires. These struggles are amplified for smaller districts, who must provide the same quality of education, but with fewer resources. The need for districts to provide equitable learning experiences regardless of size and available funding has given rise to many free SSO solutions on the market today.

While most stand-alone SSO portals adequately provide access to applications, they don’t fully address the challenges district IT, HR, and C&I teams face trying to deliver optimal user experiences. Without account provisioning and resource rostering components, SSO portals often require the full-time efforts of several employees to manage user identities behind the scenes. Having too many cooks in your district’s data “kitchen” can result in data entry inconsistencies and create more chances for human error.

Another shortcoming of stand-alone SSO portals is their inability to enforce resource access policies. As users progress through their identity lifecycle within your district, their roles and attributes will undoubtedly change, and so will their digital tool needs. A complete IAM suite allocates and revokes resources access accordingly so that users have exactly the resources they need at the right time —and nothing more. Again, with an SSO portal lacking integration, the task of curating users’ personalized digital tool portfolios falls on the district.

Single-point SSO is also indifferent to users’ individual security needs and has no awareness of users’ roles and attributes. Consequently, additional authentication measures, like SMS verification, can’t be implemented for users who have access to particularly sensitive information, such as teachers with grade book applications. Though incredibly convenient and affordable, SSO-only solutions present security concerns, as the portal is only as safe as the single set of credentials used to safeguard it. This makes it critical that all SSO portals include a confidence engine that can assign additional login requirements on an as-needed basis.

As you can see, “free” SSO solutions require further investment of both time and funding to address anything more than resource access. A comprehensive IAM solution should provide automated account provisioning and resource rostering with personalized SSO and unmatched security tools to deliver a true end-to-end identity governance solution.

Complete solutions. Excellent Service.

Make the most of your resources & personnel with the Enboard Suite.