What is involved in Single sign-on
Find out what the related areas are that Single sign-on connects with, associates with, correlates with or affects, and which require thought, deliberation, analysis, review and discussion. This unique checklist stands out in the sense that it is not designed per se to give answers, but to engage the reader and lay out a Single sign-on thinking frame.
To address the criteria in this checklist for your organization, extensive selected resources are provided for sources of further research and information.
Below you will find a quick checklist designed to help you think about which Single sign-on related domains to cover and 124 essential critical questions to check off in that domain.
The following domains are covered:
Single sign-on, Active Directory, Apache Subversion, Authentication server, Central Authentication Service, Covert Redirect, Cross-site scripting, Email client, Facebook Connect, HTTP cookie, Help desk, Identity management, Identity management systems, Integrated Windows Authentication, Internet Explorer, Internet Information Services, Internet protocol suite, Kerberos protocol, Lightweight Directory Access Protocol, Microsoft Windows, One-time password, OpenID Connect, Password fatigue, Pluggable Authentication Modules, Revision control, Security Support Provider Interface, Service provider, Smart card, Social login, Social networking service, Ticket-granting ticket, Usability of web authentication systems, Windows 2000, Windows NT, World Wide Web Consortium.
Single sign-on Critical Criteria:
Talk about Single sign-on tactics and report on setting up Single sign-on without losing ground.
– How can I avoid duplication of identity, attributes, and credentials and provide a single sign-on user experience for my users?
– What are the disruptive Single sign-on technologies that enable our organization to radically change our business processes?
– Which individuals, teams or departments will be involved in Single sign-on?
– Does our organization need more Single sign-on education?
Active Directory Critical Criteria:
Graph Active Directory leadership and proactively manage Active Directory risks.
– Does the tool in use have the ability to integrate with Active Directory or sync directory on a scheduled basis, or do look-ups within a multi-domain forest in the sub-100-millisecond range?
– Does the tool we use have the ability to integrate with Enterprise Active Directory Servers to determine users and build user, role, and business unit policies?
– If we integrate an external product with Active Directory, will it require that we modify our AD schema?
– Who is responsible for ensuring appropriate resources (time, people and money) are allocated to Single sign-on?
– In what ways are Single sign-on vendors and us interacting to ensure safe and effective use?
– Provide the ability to synchronize Active Directory with cloud-based endpoints?
– What is the process of adding users and deleting users from Active Directory?
– What happens if a user changes their password natively in Active Directory?
– Enable Unix and Linux authentication from Active Directory?
– Does your software integrate with Active Directory?
– What are the long-term Single sign-on goals?
Apache Subversion Critical Criteria:
Generalize Apache Subversion quality and adopt an insight outlook.
– Think about the kind of project structure that would be appropriate for your Single sign-on project. Should it be formal and complex, or can it be less formal and relatively simple?
– How do you incorporate cycle time, productivity, cost control, and other efficiency and effectiveness factors into these Single sign-on processes?
– How do we improve Single sign-on service perception and satisfaction?
Authentication server Critical Criteria:
Infer Authentication server quality and reinforce and communicate particularly sensitive Authentication server decisions.
– Are the firewall, router, wireless access points, and authentication server logs regularly reviewed for unauthorized traffic?
– What is the total cost related to deploying Single sign-on, including any consulting or professional services?
– What are our needs in relation to Single sign-on skills, labor, equipment, and markets?
– Do the Single sign-on decisions we make today help people and the planet tomorrow?
– What authentication servers and mechanisms are supported?
Central Authentication Service Critical Criteria:
Investigate Central Authentication Service visions and define Central Authentication Service competency-based leadership.
– How important is Single sign-on to the user organization’s mission?
– How do we keep improving Single sign-on?
– Why are Single sign-on skills important?
Covert Redirect Critical Criteria:
Adapt Covert Redirect issues and transcribe Covert Redirect as tomorrow’s backbone for success.
– Is the Single sign-on organization completing tasks effectively and efficiently?
– How would one define Single sign-on leadership?
– What about Single sign-on analysis of results?
Cross-site scripting Critical Criteria:
Guide Cross-site scripting quality and perfect Cross-site scripting conflict management.
– What are the top 3 things at the forefront of our Single sign-on agendas for the next 3 years?
– What are the essentials of internal Single sign-on management?
– What are current Single sign-on paradigms?
Email client Critical Criteria:
Mine Email client tactics and handle a jump-start course to Email client.
– What other organizational variables, such as reward systems or communication systems, affect the performance of this Single sign-on process?
– What will drive Single sign-on change?
– How do we lead with Single sign-on in mind?
Facebook Connect Critical Criteria:
Align Facebook Connect tasks and finalize specific methods for Facebook Connect acceptance.
– Record-keeping requirements flow from the records needed as inputs, outputs, controls and for transformation of a Single sign-on process. Ask yourself: are the records needed as inputs to the Single sign-on process available?
– What is the source of the strategies for Single sign-on strengthening and reform?
– What is effective Single sign-on?
HTTP cookie Critical Criteria:
Study HTTP cookie visions and probe using an integrated framework to make sure HTTP cookie is getting what it needs.
– What are the business goals Single sign-on is aiming to achieve?
Help desk Critical Criteria:
Start Help desk projects and find out.
– The offeror will describe its service levels for fixes, help desk, etc. Will it reduce its fees if the service levels are not met?
– Expose its policy engine via web services for use by third-party systems (e.g. provisioning, help desk solutions)?
– How can you negotiate Single sign-on successfully with a stubborn boss, an irate client, or a deceitful coworker?
– Complement identity management and help desk solutions with closed-loop import and export?
– What features of the current help desk service management tool are being used?
– How has the current help desk service management tool been customized?
– Do we know the number of password problem help desk calls per month?
– What is the current help desk service management tool and version?
– How will the offeror provide support through the help desk?
– Help desk password resets easily measured (specific number)?
– Does the Single sign-on task fit the client’s priorities?
– Number of password problem help desk calls per month?
– How does the help desk authenticate callers?
Identity management Critical Criteria:
Use past Identity management goals and achieve a single Identity management view and bringing data together.
– With so many identity management systems proposed, the big question is which one, if any, will provide the identity solution to become standard across the internet?
– Do we keep track of who the leading providers of identity management products and services are, and what are their key offerings, differentiators and strategies?
– How is the market for identity management evolving in new technologies, market trends and drivers, and user requirements?
– Did we develop our SaaS identity management solution in house or was it acquired from other vendors?
– What is the security life cycle identity management business case?
– Do Single sign-on rules make a reasonable demand on a user’s capabilities?
– What are the identity management facilities of the provider?
– What is a secure identity management infrastructure?
– What is identity management (IdM) to us?
– How can identity management help?
– Are there Single sign-on models?
– What about identity management?
Identity management systems Critical Criteria:
Face Identity management systems tasks and balance specific methods for improving Identity management systems results.
– How do we make it meaningful in connecting Single sign-on with what users do day-to-day?
– Is Single sign-on realistic, or are you setting yourself up for failure?
Integrated Windows Authentication Critical Criteria:
Shape Integrated Windows Authentication strategies and get out your magnifying glass.
– What management system can we use to leverage the Single sign-on experience, ideas, and concerns of the people closest to the work to be done?
– What are the record-keeping requirements of Single sign-on activities?
Internet Explorer Critical Criteria:
Sort Internet Explorer planning and frame using storytelling to create more compelling Internet Explorer projects.
– Will Single sign-on have an impact on current business continuity, disaster recovery processes and/or infrastructure?
– Who will be responsible for making the decisions to include or exclude requested changes once Single sign-on is underway?
Internet Information Services Critical Criteria:
Learn from Internet Information Services visions and look at it backwards.
– What will be the consequences to the business (financial, reputation etc) if Single sign-on does not go ahead or fails to deliver the objectives?
– How can the value of Single sign-on be defined?
Internet protocol suite Critical Criteria:
Participate in Internet protocol suite engagements and ask questions.
– When a Single sign-on manager recognizes a problem, what options are available?
– What tools and technologies are needed for a custom Single sign-on project?
Kerberos protocol Critical Criteria:
Focus on Kerberos protocol strategies and explore and align the progress in Kerberos protocol.
– Risk factors: what are the characteristics of Single sign-on that make it risky?
– Is Single sign-on dependent on the successful delivery of a current project?
– How much does Single sign-on help?
Lightweight Directory Access Protocol Critical Criteria:
Grasp Lightweight Directory Access Protocol risks and check on ways to get started with Lightweight Directory Access Protocol.
– Are there any easy-to-implement alternatives to Single sign-on? Sometimes other solutions are available that do not require the cost implications of a full-blown project?
– How do we know that any Single sign-on analysis is complete and comprehensive?
– Is there any existing Single sign-on governance structure?
Microsoft Windows Critical Criteria:
Model after Microsoft Windows issues and give examples utilizing a core of simple Microsoft Windows skills.
– Does Single sign-on systematically track and analyze outcomes for accountability and quality improvement?
– What sources do you use to gather information for a Single sign-on study?
One-time password Critical Criteria:
Match One-time password failures and get going.
– Who will be responsible for documenting the Single sign-on requirements in detail?
– Do we have past Single sign-on successes?
– How to secure Single sign-on?
OpenID Connect Critical Criteria:
Illustrate OpenID Connect visions and gather practices for scaling OpenID Connect.
– Who sets the Single sign-on standards?
Password fatigue Critical Criteria:
Map Password fatigue management and tour deciding if Password fatigue progress is made.
– Think about the functions involved in your Single sign-on project. What processes flow from these functions?
Pluggable Authentication Modules Critical Criteria:
Read up on Pluggable Authentication Modules leadership and find the essential reading for Pluggable Authentication Modules researchers.
– Meeting the challenge: are missed Single sign-on opportunities costing us money?
Revision control Critical Criteria:
Disseminate Revision control projects and adopt an insight outlook.
Security Support Provider Interface Critical Criteria:
Be responsible for Security Support Provider Interface tasks and customize techniques for implementing Security Support Provider Interface controls.
Service provider Critical Criteria:
See the value of Service provider risks and test out new things.
– Follow-up: Follow-up should include regular status reporting, describing new controls and lessons learned to improve future performance. The most important element of the follow-up stage is performing a postmortem analysis of the response procedure itself. Exactly what happened and at what times?
– Do you monitor security alerts and advisories from your system vendors, Computer Emergency Response Team (CERT) and other sources, taking appropriate and responsive actions?
– During the last 3 years, have you received a complaint or an injunction arising out of intellectual property infringement, content or advertising?
– Can the cloud service provider offer the flexibility to provide availability service levels in line with the customers’ requirements?
– Does your company have a current information security policy that has been approved by executive management?
– Are systems regularly audited to identify inappropriate code and/or applications that have been installed?
– Do you ensure that all private information is encrypted whether at rest or in transit?
– What should customers be looking for and expect from a good cloud service provider?
– How many UNIX servers are there and what functions are they providing?
– Does the service provider have a service desk function based on ITIL principles?
– Do you notify customers upon the release of their private information?
– Do you train employees on the proper handling of private information?
– Can the cloud service provider make available an end-to-end continuity plan?
– Do you need to have an audit of every cloud service provider?
– Do you have any data sharing agreements with any 3rd parties?
– Do current policies cover existing practices adequately?
– Do you have a dedicated security officer/manager?
– Where is your organization’s confidential data?
– What is a good cloud service provider?
– Do you have remote users?
Smart card Critical Criteria:
Accelerate Smart card tactics and test out new things.
– What are your results for key measures or indicators of the accomplishment of your Single sign-on strategy and action plans, including building and strengthening core competencies?
Social login Critical Criteria:
Mix Social login goals and document what potential Social login megatrends could make our business model obsolete.
Social networking service Critical Criteria:
Be clear about Social networking service results and prioritize challenges of Social networking service.
Ticket-granting ticket Critical Criteria:
Grade Ticket-granting ticket tactics and oversee Ticket-granting ticket requirements.
– In the case of a Single sign-on project, the criteria for the audit derive from implementation objectives. An audit of a Single sign-on project involves assessing whether the recommendations outlined for implementation have been met. In other words, can we track that any Single sign-on project is implemented as planned, and is it working?
– Are assumptions made in Single sign-on stated explicitly?
Usability of web authentication systems Critical Criteria:
Talk about Usability of web authentication systems decisions and pioneer acquisition of Usability of web authentication systems systems.
Windows 2000 Critical Criteria:
Participate in Windows 2000 goals and slay a dragon.
– Have the types of risks that may impact Single sign-on been identified and analyzed?
– What are the usability implications of Single sign-on actions?
Windows NT Critical Criteria:
Transcribe Windows NT management and get going.
– Where do ideas that reach policy makers and planners as proposals for Single sign-on strengthening and reform actually originate?
– What other jobs or tasks affect the performance of the steps in the Single sign-on process?
World Wide Web Consortium Critical Criteria:
Illustrate World Wide Web Consortium projects and adopt an insight outlook.
– What are internal and external Single sign-on relations?
This quick readiness checklist is a selected resource to help you move forward. Learn more about how to achieve comprehensive insights with the Single sign-on Self Assessment:
Author: Gerard Blokdijk
CEO at The Art of Service | theartofservice.com
Gerard is the CEO at The Art of Service. He has been providing information technology insights, talks, tools and products to organizations in a wide range of industries for over 25 years. Gerard is a widely recognized and respected information expert. Gerard founded The Art of Service consulting business in 2000. Gerard has authored numerous published books to date.
To address the criteria in this checklist, these selected resources are provided for sources of further research and information:
Single sign-on External links:
JCCC Single Sign-on
What is single sign-on (SSO)? – Definition from …
UAH Single Sign-On – CAS – Central Authentication Service
Active Directory External links:
User Attributes – Inside Active Directory
Azure Active Directory B2C | Microsoft Azure
Apache Subversion External links:
How to Resolve Conflicts in Apache Subversion: 9 Steps
Install and Configure Apache Subversion (SVN) on …
Authentication server External links:
OpenOTP Authentication Server – RCDevs Security …
IO Education Authentication Server
Central Authentication Service External links:
CAS – Central Authentication Service
Login – CAS – Central Authentication Service
Covert Redirect External links:
OAuth Security Advisory 2014.1 — Covert Redirect
Covert Redirect on OAuth 2.0 and OpenID API – YouTube
Can someone explain the “Covert Redirect” vulnerability …
Cross-site scripting External links:
What is Cross-site Scripting and How Can You Fix it?
Types of XSS (Cross-site Scripting) – Website security
Email client External links:
Chaos Software contact manager email client crm
Download Free Version | Best email client | eM Client
Facebook Connect External links:
Facebook Connect for MVP Club Accounts – Nebraska Lottery
Facebook Connect syncs up with iPhoto – CNET
Pogo & Facebook Connect | Help
HTTP cookie External links:
HTTP cookie – Wiktionary
Identity management External links:
Colorado Department of Education Identity Management
Login Page – Planned Parenthood Identity Management
Identity management systems External links:
Identity Management Systems Program | NIST
At IU, what is UITS Identity Management Systems?
[PDF]Federated Identity Management Systems – Cornell …
Internet Explorer External links:
Change your home page for Internet Explorer 11
Internet Explorer help – support.microsoft.com
Enabling cookies in Internet Explorer – Time and Date
Internet Information Services External links:
Microsoft Internet Information Services 8
Microsoft Internet Information Services 8 – RaceTrac
Internet protocol suite External links:
Internet Protocol Suite
The Internet protocol suite is the conceptual model and set of communications protocols used on the Internet and similar computer networks. It is commonly known as TCP/IP because the original protocols in the suite are the Transmission Control Protocol (TCP) and the Internet Protocol (IP).
Internet Protocol Suite Flashcards | Quizlet
Kerberos protocol External links:
Basic Concepts for the Kerberos Protocol
[MS-SFU]: Kerberos Protocol Extensions: Service for …
Lightweight Directory Access Protocol External links:
Lightweight Directory Access Protocol – Oracle …
Lightweight Directory Access Protocol (LDAP) | IT@UMN
Managing Lightweight Directory Access Protocol Policies
Microsoft Windows External links:
Apps | Microsoft Windows 10 | Official Site
OpenID Connect External links:
OpenID Connect – Official Site
Gluu – Open source SAML OpenID Connect SSO & API …
OpenID Connect | Google Identity Platform | Google Developers
Password fatigue External links:
‘Password Fatigue’ May Soon Be Over – Business Insider
Password fatigue – The Blade
Password Fatigue – Home | Facebook
Pluggable Authentication Modules External links:
PAM (Pluggable Authentication Modules)
Pluggable Authentication Modules – FreeBSD
Pluggable Authentication Modules – Example Header Files
Security Support Provider Interface External links:
Security Support Provider Interface Architecture
Service provider External links:
Cable TV, Internet and Phone Service Provider | MetroNet
My Provider Link – Your Service Provider’s Billing Partner
Sonic – Internet & Phone Service Provider
Smart card External links:
UPAF Smart Card: SM ART CARD
Smart Cards | Coupons and Virtual Smart Card
Social login External links:
WooCommerce Social Login – WooCommerce
Social Login for Customer Identity Management – Gigya
Ionic Social Login using Firebase – JAVEBRATT
Usability of web authentication systems External links:
Usability of web authentication systems – WOW.com
Usability of web authentication systems – Revolvy
Windows NT External links:
Windows NT 4.0 Service Pack 6a (SP6a) resolves the SP6 issue with Lotus Notes and other Winsock based applications and provides the latest updates to Microsoft
Download Windows NT Backup – Restore Utility from …
World Wide Web Consortium External links:
World Wide Web Consortium – Official Site