What is SSO?
With Single Sign-On, abbreviated as SSO, users log in to the Spend Cloud in a very simple and secure way, without needing a username and password. The SSO connections between different applications ensure that authentication happens automatically. Users don't have to enter a username and password because authentication is managed from one central location within your organization. This provides great convenience for users, as well as for the central administration.
In this article, we explain more about how SSO works and its application.
Contact your account manager to set up SSO for your organization.
The Origin of SSO
Nowadays, employees typically have to log in approximately nine times to do their work. The most secure approach would be to use a different password for every application and to securely store these passwords, not on a sticky note on your screen. This need led to the concept of SSO. The basic idea of SSO is that each application a person needs access to can be reached by making themselves known only once.
The login details for SSO are stored with the so-called Identity Provider (IdP). Service Providers (SP) are the applications that a user has access to and require verification. When a user opens an application, the identity provider and service provider exchange information to verify the user's identity.
What are the advantages of SSO in combination with the Spend Cloud?
You can choose to use the Spend Cloud without an SSO connection. This allows you to log in directly with a username and password. If you decide to use the Spend Cloud with an SSO connection, you'll enjoy the following benefits:
- You can customize security as you see fit (Multi-factor authentication, as well as password requirements)
- Security requirements can be enforced in one place
- It's much easier to ensure that a user is denied access to all applications
- Simplicity and convenience for the end user
By setting up SSO for the applications used within your organization, you ensure that you can follow a consistent cybersecurity policy. This way, you are not dependent on application-specific restrictions.
Why doesn't the Spend Cloud have Multi-factor or Two-factor authentication?
The above-mentioned advantages of an SSO connection lead most of our customers to choose to use the Spend Cloud in combination with an SSO connection. The selected SSO solution is always combined with an additional level of authentication (two-factor or multi-factor). Security and the simplified login process for employees are reasons to take a look at the most common Identity Providers: Microsoft Azure, Google G-Suite, Microsoft Active Directory Server, and HelloID.
How secure is the Spend Cloud?
Like our customers, we at Visma | ProActive also consider security to be one of the most important topics. Within Visma, we have a dedicated Visma Security Index for this purpose. This index is often more demanding than that of most auditors. You can find more information about this security index and our certificates
here. If you want to learn more about how Visma | ProActive ensures that the Spend Cloud and your data in the Spend Cloud are secure, you can also
read this article on security.