With software as a service (SaaS) driving most work applications, your employees have to remember a slew of login credentials. It's difficult to keep track of all those passwords. Not only that, but leaving users to preside over a fragmented sea of credentials is a security nightmare waiting to happen.
"The typical small business has 15 cloud apps, and bigger businesses have even more," said Mike Gold, president of cloud IT solutions provider Intermedia. "There's a lot of logging in and logging out, and that takes a lot of time. If you lose one [password] you have to reset it, and it's a big hassle for IT. Too many passwords hurt employee productivity."
That's where single sign-on (SSO) comes in. These solutions aggregate user login information for the SaaS applications and organize them under one umbrella; as far as the user is concerned, one password now gives them access to everything. SSO allows an IT team to monitor access and control security policies on the back end, as well as manage regular password changes and the creation of credentials for new users. SSOs are also essential in revoking access from an employee once they leave the company.
Tom Garrison, vice president and general manager of Intel's Business Client Platform Division, said a key consideration for using SSO is maintaining wise security policies.
"Any company implementing SSO needs to think carefully about what requirements to put on the business users' logon," he said. "It is critical to make that logon as secure as possible."
Garrison suggests that companies implement a login system that uses multiple factors of authentication with the credentials secured in the hardware. This can increase security and identity authentication, without the need for complex, frequently changing passwords, he said.
Naturally, partnering with any SSO provider means trusting it to be responsible with some of your company's most sensitive information.
"If you're going to hand over the 'keys' to your company, there's a significant level of trust you have to have," Gold said. "You're trusting that company with all of your work apps, company data and potentially control of your cash flow. You really need to choose a business that has shown it has the ability to manage this."
Here's a look at some of the best SSO solutions on the market today and how they can help your business simplify your user authentication and identity management needs.
Best SSO Solutions
- Why it's a best pick
- OneLogin offers flexibility and scalability, along with an easy implementation process that supports the integration of multiple directory types and works across all devices and platforms.
- Free for three business and five personal applications. Paid plans start at $2 per month per user with a 25-user minimum.
- Why it's a best pick
- This user-friendly SSO solution offers a customizable enterprise service that is negotiable based on your organization's needs.
- Starts at $1 per month per user ($3 per month per user for multi-factor authentication)
- Why it's a best pick
- While many SSO solutions only offer a free version with limited feature, JumpCloud's has full functionality.
- Free for up to 10 users
Best SSO Solutions
Best Small Business SSO Solution: OneLogin
OneLogin offers a highly effective and customizable solution that's ideal for small and midsize businesses, earning it our title for best SSO for small businesses. OneLogin is relatively straightforward to implement, supports multiple directory types, has a user-friendly access portal, and offers extensive control to administrators. Through features like its self-registration pages and group management mapping tools, this SSO offers a unique level of control to those monitoring the system. However, that comes with a bit of added responsibility on the back end. Still, the additional legwork shouldn't be overly taxing for a small or midsize company.
OneLogin is affordable compared to its leading competitors. The Enterprise package is $4 per user per month, with a minimum of 10 users, while the Unlimited package rings in at $8 per user per month, with a minimum of five users. Read our full review.
Best Enterprise SSO Solution: Okta Identity Management
Okta Identity Management is a highly effective and comprehensive SSO. In addition to its integration with a wide variety of directory types, detailed reporting and user-friendly experience, Okta offers a policy engine that gives administrators a high level of control over user permissions and access.
Okta maintains several pricing packages, starting at $1 per user per month for basic SSO functionality. To enable multifactor authentication, which is a must for security-minded businesses, Okta costs $3 per user per month. The company also offers a customizable enterprise service, recommended for 5,000 or more users; this plan requires a quote from a sales representative. Read our full review.
Best Free SSO Solution: JumpCloud
JumpCloud is our pick for the best free SSO because it offers an effective, comprehensive product for free for up to 10 users. A small team can use JumpCloud for a full SSO experience without paying a dime. Not only is JumpCloud free, but it offers the most important features we looked for.
JumpCloud offers administrators several ways to manage users, including its central Directory-as-a-Service (DaaS), which can tie users to the applications, devices and networks needed for them to work productively. Users are easily managed by creating or importing accounts to the JumpCloud console, where they can be mapped to different devices, apps and networks. Administrators can also utilize groups to manage several users at once. Read our full review.
To choose the best SSO solutions for businesses, we analyzed dozens of reputable software companies. Our selection was based on user feedback, previous reviews and Better Business Bureau ratings. From there, we more closely examined our list and narrowed it down to a pool of finalists.
To select the final candidates – one for each category of best small business SSO, best free SSO and best enterprise SSO – we analyzed the following:
- Ease of use
- Security policies
- SAML authentication
- Password vaulting
- Multifactor authentication
- Customer/tech support
Here is a list of SSO solution vendors in the identity access management space. This alphabetical list includes our best picks.
AuthAnvil – AuthAnvil features multifactor authentication and places strong emphasis on security. The company offers a standard plan, which includes essential services like directory synchronization and MFA, as well as a premium version that includes more advanced administrator controls and branding features. https://authanvil.com/
Avatier – Designed for quick and simple implementation, Avatier is an affordable cloud-based SSO that also includes licensing management for any SaaS products your company uses. Avatier has a customizable user portal that helps your employees tailor the experience to their needs. https://www.avatier.com/
Bitium – Bitium is a well-known SSO that boasts a high degree of adaptability, meaning that however your organization's infrastructure is set up, Bitium is likely able to integrate with it. This makes the implementation process much smoother. Bitium primarily focuses on midsize and large businesses. https://www.bitium.com/
Centrify Identity Service – Centrify offers a holistic approach to identity access management, encompassing the cloud and mobile applications. The system supports both your employees and anyone outside of your organization who might need to access particular applications in partnership with your company. Implementation is adaptable to a number of different directory types. https://www.centrify.com/products/identity-service/
Clearlogin – Clearlogin unifies the access management process into one dashboard, simplifying the process for end users. For administrators, it lends a wide range of controls over who gains access to what, how and when. Access is easy to approve or revoke, making the identity access management process adaptable and fluid. http://www.clearlogin.com/
Dashlane – Dashlane is a personal password manager that can double as an SSO for small organizations and startups. With a free version and a premium business edition, Dashlane can adapt to suit the needs of individuals on a working team or of a small and growing business. https://www.dashlane.com/
Digital Persona – Digital Persona employs biometrics and multifactor authentication to deliver a secure SSO. While the price reflects its sophistication, Digital Persona is a reliable method of ensuring that the users accessing your system are truly the right users. This solution is recommended for larger businesses that require security peace of mind. https://www.crossmatch.com/digitalpersona/
EmpowerID – EmpowerID excels at automation of the identity access management process. Administrator roles are primarily for monitoring, rather than managing, freeing them up to handle other pressing tasks. Emphasizing self-service, EmpowerID's user portal is intuitive and easy for employees to learn. http://www.empowerid.com/
Evidian – Evidian's SSO solution is a flexible one that supports authentication via password, biometrics, and even other methods like smartcard or radio badge. The platform also has robust security controls for administrators so your policies can be tailored to precisely meet your organization's needs. https://www.evidian.com/products/enterprise-sso/
Identacor – This cloud-based SSO connects with hundreds of SaaS and web-based applications. Implementation is relatively easy; administrators won't have to spend too much time getting the platform up and running. Users access applications through a single organized dashboard. https://www.identacor.com/
Imprivata – Imprivata focuses on reducing the time and complexity of the SSO process. It simplifies its implementation with a drag-and-drop profile generator, which saves the IT department some heavy lifting. Following implementation, users can access all of their applications through a single authentication. https://www.imprivata.com/single-sign-on-sso
*JumpCloud – This cloud-based SSO, which wins our pick for best free SSO, offers wide support for a variety of directory types, aimed primarily at enterprise clients. The platform is compatible with scores of popular applications and has a user-friendly interface. The first 10 users for your company are free. Find out more at https://jumpcloud.com/daas-product/sso-single-sign-on or read our full review.
Keeper SSO Connect – This platform unifies SSO with other security features, like safe storage for proprietary data, customer data, sensitive documents and access credentials to restricted systems. Ultimately, Keeper SSO Connect serves as a centralized access system that governs more than just applications. https://keepersecurity.com/keeper-sso-connect.html
LastPass – LastPass is a simple platform suited for small teams and startups. Its robust features, including multifactor authentication, are impressive for a free service without undermining its simplicity and user-friendly interface. In case your small business outgrows the free edition, LastPass offers a premium version. https://lastpass.com
LoginRadius – LoginRadius supports multifactor authentication and multiple methods of authentication, including standard login and phone registration. With both a business and enterprise plan, LoginRadius works for businesses of all sizes. All plans include training and live support. https://www.loginradius.com/single-sign-on/
Microsoft Azure – Microsoft Azure boasts some of the largest application support out of the solutions we reviewed. The platform supports multifactor authentication for added security and employs Microsoft's infrastructure, virtually guaranteeing that your synced directory will be safe in the company's care. https://azure.microsoft.com/en-us/
miniOrange – miniOrange supports a number of different directory types. It can also communicate with most SaaS applications, as it supports all types of external identity sources, from SAML to OAuth 2.0. miniOrange gives administrators control over security policies and groups, while offering reports and data-driven information to keep them informed. http://miniorange.com/single-sign-on-sso
*Okta Identity Management – Okta, our best pick for an enterprise business SSO, is a robust and powerful platform that makes the identity access management process simple and secure. With relatively easy implementation and a simple user interface, Okta reduces the pain of integrating SSO with your current operations while boosting security and productivity. Find out more at https://www.okta.com/products/single-sign-on/ or read our full review.
*OneLogin – OneLogin, our best pick for small business SSO, is an adaptable and customizable platform that lends great control to administrators to determine security groups and policies. OneLogin impresses particularly in tailoring the directory to the needs of the organization. While this means more active engagement on the back end, it also means versatility and scalability, and the end-user experience remains easy to learn. Find out more at https://www.onelogin.com/ or read our full review.
PingFederate – PingFederate, an SSO from Ping Identity, unifies SaaS, mobile and web applications under a single authentication system. It covers the most commonly used business applications and centralizes control over identities, permissions, and credentials on the back end, giving your administrators greater control and oversight. https://www.pingidentity.com/en/platform/single-sign-on/software-sso.html
PortalGuard – PortalGuard is ideal for small businesses requiring integration with a wide variety of web and SaaS applications. Administrators have wide latitude for setting security policies and groups, including multifactor authentication and which methods it requires a user to employ. http://www.portalguard.com/
If you'd like your company to be added to this list and possibly considered as a best pick for our next round of reviews, please email your request to: firstname.lastname@example.org.