With software as a service (SaaS) driving most work applications, your employees have to remember a slew of login credentials. It's difficult for them to keep track of all those passwords. Not only that, but leaving users to preside over a fragmented sea of credentials is a security nightmare waiting to happen.
"The typical small business has 15 cloud apps, and bigger businesses have even more," said Mike Gold, president of cloud IT solutions provider Intermedia. "There's a lot of logging in and logging out, and that takes a lot of time. If you lose one (password) you have to reset it, and it's a big hassle for IT. Too many passwords hurt employee productivity."
That's where single sign-on (SSO) comes in. These solutions aggregate user login information for the SaaS applications and organize them under one umbrella; as far as the user is concerned, one password now gives them access to everything. SSO allows an IT team to monitor access and control security policies from the back end, as well as manage regular password changes and the creation of credentials for new users. SSOs are also essential in revoking access from an employee once they leave the company. [See Related Story: Best Single Sign-On for Enterprise Businesses]
Tom Garrison, vice president and general manager of Intel's Business Client Platform Division, said a key consideration for using SSO is maintaining wise security policies.
"Any company implementing SSO needs to think carefully about what requirements to put on the business users' logon," Garrison said. "It is critical to make that logon as secure as possible."
Garrison suggests that companies implement a logon system that uses multiple factors of authentication with the credentials secured in the hardware. This can increase security and identity authentication, without the need for complex, frequently changing passwords, he said.
Naturally, partnering with any SSO provider means trusting it to be responsible with some of your company's most sensitive information.
"If you're going to hand over the 'keys' to your company, there's a significant level of trust you have to have," Gold said. "You're trusting that company with all of your work apps, company data and potentially control of your cash flow. You really need to choose a business that has shown it has the ability to manage this."
Here's a look at some of the best SSO solutions on the market today and how they can help your business simplify your user authentication and identity management needs.
Already prepared to choose a single sign on solution? Here’s a breakdown of the rest of our coverage:
- OneLogin Review: Best Single Sign-On Solution for Small Business
- LastPass Review: Best Free Single Sign-On Solution for Business
Best SSO Solutions
- OneLogin is particularly customizable, granting administrators a large range of control over security policies and groups.
- Pricing for OneLogin is reasonable for its position in the industry. The enterprise business package starts at $4 per user per month, while the larger unlimited package totals $8 per user per month.
- OneLogin supports multi-factor authentication and includes additional security features, like mapping tools to create groups or self-registration pages.
- Free version still offers essential services, including multi-factor authentication and security challenge feature..
- LastPass employs a master password to secure data; not even the company knows it. LastPass also helps to find and remedy unsecured passwords, as well as generate new secure ones.
- LastPass works across all devices and platforms, meaning you're good to go no matter what system you use. Especially useful for small, collaborative teams.
Editor's Note: Looking for an SSO solution for your business? Use the questionnaire below to be contacted by vendors with additional information:
Best Small Business SSO Solution: OneLogin
OneLogin offers a highly effective and customizable SSO solution that's ideal for small and midsized businesses, earning it our title for best SSO solution for small businesses. OneLogin is relatively straightforward to implement, supports multiple directory types, features a user-friendly access portal, and offers an abundance of control to administrators. Through features like OneLogin's self-registration pages and group management mapping tools, this SSO offers a unique level of control to those monitoring the system. However, that does come with a bit of added responsibility on the back end. Still, for a small or midsized company, the additional legwork shouldn't be overly taxing.
OneLogin is affordable compared to other leading competitors. The Enterprise package is $4 per user per month, with a minimum of 10 users, while the Unlimited package rings in at $8 per user per month, with a minimum of five users.
Best Free SSO Solution: LastPass
In case your business doesn't need a true, in-depth SSO solution but you'd still like to offer your team an easier way to access the applications you work with, LastPass offers a free password-vaulting service that accomplishes the basics of SSO. LastPass works on all platforms and across all mobile devices, and features hardy security for a free service.
LastPass will actually help you lock down passwords that were saved in an unsecure manner and scrub them from your browsers' histories to close any existing vulnerabilities created by unsecured credentials. It also features a very user-friendly portal that neatly organizes all of your applications, helps generate new secure passwords, and saves autofill information for forms. LastPass is a good start toward SSO for any small team.
To choose the best SSO solutions for businesses, we analyzed dozens of reputable software companies. Our selection was based on user feedback, previous reviews and Better Business Bureau ratings. From there, we more closely examined our list and narrowed it down to a pool of finalists.
To select the final candidates – one for each category of Best Small Business SSO and Best Free SSO – we analyzed the following:
- Ease of use
- Security policies
- SAML authentication
- Password vaulting
- Multi-factor authentication
- Customer/tech support
Based on our in-depth research, the 10 final candidates for our best SSO picks included Dashlane, EmpowerID, LastPass, Microsoft Azure, Okta Identity Management, OneLogin, PortalGuard, Evidian, PingFederate and Bitium. From there, we examined the features of each service, comparing each one against the needs of the average small business owner to choose our favorite services.
Editor's Note: Looking for an SSO solution for your business? To help you choose the one that's right for you, use the questionnaire below to be contacted by vendors with additional information:
Here is a list of SSO solution vendors in the identity access management space. This alphabetical list includes our best picks.
AuthAnvil – AuthAnvil is an SSO solution that features multifactor authentication and an emphasis on security. The company offers a standard plan, which includes essential services like directory synchronization and MFA, as well as a premium version that includes more advanced administrator controls and branding features. https://authanvil.com/
Avatier – Designed for quick and simple implementation, Avatier is an affordable cloud-based SSO solution that also includes licensing management for any SaaS products your company is using. Avatier features a customizable user portal that helps your employees tailor the experience to suit their needs. https://www.avatier.com/
Bitium – Bitium is a well-known SSO solution that boasts a high degree of adaptability, meaning that however your organization's infrastructure is set up, Bitium is likely able to integrate with it. This makes the implementation process much smoother. Bitium is primarily focused on mid-size to large businesses. https://www.bitium.com/
Centrify Identity Service – Centrify offers a holistic approach to identity access management, from the cloud to mobile applications. The system supports both your employees and anyone outside of your organization who might need to access particular applications in partnership with your company. Implementation is adaptable to a number of different directory types. https://www.centrify.com/products/identity-service/
Clearlogin – ClearLogin helps unify the access management process into one dashboard, simplifying the process for end users. For administrators, it lends a wide range of controls over who gains access to what, how and when. Access is easily approved or revoked, making the identity access management process adaptable and fluid. http://www.clearlogin.com/
Dashlane – Dashlane is a personal password manager that can double as an SSO solution for small organizations and startups. With a free version and a premium business edition, Dashlane can be adapted to suit the needs of individuals on a working team or for that of a small and growing business. https://www.dashlane.com/
Digital Persona – Digital Persona employs biometrics and multifactor authentication to deliver a secure SSO solution. While the price reflects the level of sophistication, Digital Persona is a reliable method of ensuring that the users accessing your system are truly the right users. This solution is recommended for larger businesses that require security peace of mind. http://cm.crossmatch.com/digitalpersona/
EmpowerID – EmpowerID excels when it comes to automation of the identity access management process. Administrators roles are primarily for monitoring, rather than managing, which helps free them up to handle other pressing tasks. Emphasizing self-service, EmpowerID's user portal is intuitive and easy for employees to learn. http://www.empowerid.com/
Evidian – Evidian's SSO solution is a flexible one that supports authentication via password, biometrics, or even other methods like smartcard and radio badge. The platform also features robust security controls for administrators so your policies can be tailored to precisely meet your organization's needs. https://www.evidian.com/products/enterprise-sso/
Identacor – This cloud-based SSO solution connects with hundreds of SaaS and web-based applications. Implementation is relatively easy, meaning administrators won't have to spend an immense amount of time getting the platform up and running. For users, applications are accessed through a single, organized dashboard. https://www.identacor.com/
Imprivata – Imprivata focuses on reducing the amount of time and complexity in the SSO process. Implementation is simplified by a drag-and-drop profile generator, which saves the IT department some heavy lifting. Following implementation, users can access all of their applications through a single authentication. https://www.imprivata.com/single-sign-on-sso
JumpCloud – This cloud-based SSO solution offers a wide range of support for a variety of directory types, aimed primarily at enterprise clients. The platform is compatible with scores of popular applications and features a user-friendly interface. The first 10 users for JumpCloud are free. https://jumpcloud.com/daas-product/sso-single-sign-on
Keeper SSO Connect – Keeper SSO Connect is a platform unifying SSO with other security features, like safe storage for proprietary data, customer data, sensitive documents and access credentials to restricted systems. Ultimately, Keeper SSO Connect can serve as a centralized access system that governs more than just applications. https://keepersecurity.com/keeper-sso-connect.html
LastPass – LastPass, our best pick for a free SSO solution, is a simple and navigable platform suited for small teams and startups. Its robust features, including multifactor authenticity, are impressive for a free service, and yet do not undermine its simplicity and user-friendly interface. If your small business outgrows the free edition, LastPass offers a premium version. Find out more at https://lastpass.com or read our full review on Business News Daily.
LoginRadius – LoginRadius is an SSO platform that supports multifactor authentication and multiple methods for authenticating, including standard login, phone registration, and more. With both a business and enterprise plan, LoginRadius has options for businesses of all sizes. All plans include training and live support. https://www.loginradius.com/single-sign-on/
Microsoft Azure – Microsoft Azure boasts some of the largest application support out of the solutions we reviewed. The platform supports multifactor authentication for added security and employs Microsoft's infrastructure, virtually guaranteeing that your synced directory will be safe in the company's care. https://azure.microsoft.com/en-us/
miniOrange – miniOrange is an SSO solution that offers wide support for a number of different types of directories. It can also communicate with most SaaS applications, as it supports all types of external identity sources from SAML to OAuth 2.0. miniOrange gives administrators control over security policies and groups, while offering reports and data-driven information to keep them informed. http://miniorange.com/single-sign-on-sso
Okta Identity Management – Okta Identity Management, our best pick for an enterprise business SSO solution, is a robust and powerful platform that makes the identity access management process simple and secure. With a relatively easy implementation and a very simple user interface, Okta reduces the pain of integrating SSO with your current operations while boosting security and productivity. Find out more at https://www.okta.com/products/single-sign-on/ or read our full review on our sister site, Tom's IT Pro.
OneLogin – OneLogin, our best pick for small business SSO solution, is an adaptable and customizable platform that lends great control to administrators in determining security groups and policies. OneLogin impressed particularly when it came to tailoring the directory to precisely suit the needs of the organization. While this means more active engagement on the back end, it also means versatility and scalability. And the end-user experience remains intuitive and easy to learn. Find out more at https://www.onelogin.com/ or read our full review on Business News Daily.
PingFederate – PingFederate, an SSO solution from Ping Identity, helps unify SaaS, mobile and web applications under a single authentication system. PingFederate covers the most commonly used business applications and centralizes control over identities, permissions, and credentials on the back end, giving your administrators greater control and oversight. https://www.pingidentity.com/en/products/pingfederate.html
PortalGuard – PortalGuard is an SSO platform ideal for smaller businesses requiring integration with a wide range of web and SaaS applications. Administrators are granted a wide range of latitude in setting security policies and groups, including multifactor authentication and which methods the MFA requires a user to employ. http://www.portalguard.com/