Work with stakeholders on their procurement requests
Create bids, invite vendors, and get results quickly
Engage internal collaborators to score RFx projects
Stay on top of milestones and vendor performance
Access award-winning coaching and support
February 18, 2020 | Emily Lambert
Single-sign on (SSO) is becoming a critical criteria in public sector software, and when looking at the benefits of SSO—not to mention, how lax many people are with password security—it isn’t hard to see why.
Perhaps your passwords aren’t as bad as “password123,” but maybe you reuse the same password on different accounts—adding a “!” to the end of your tried-and-true password when you’re asked to include a special character.
We don’t blame you! As public sector organizations continue to invest more and more in software-as-a-service, the amount of online accounts that you log in to every day is growing. To keep things as simple as possible, it makes sense to try and recycle passwords.
Unfortunately, that simple act of repeating a password opens up your organization to disastrous data breach risk.
You’re likely no stranger to some of the high-profile data breaches of the past few years or the spread of ransomware attacks in the public sector. The truth is, no one is exempt from being a target; in 2019, a collection of 2.7 billion identity records, consisting of 774 million unique email addresses and 21 million unique passwords, were posted on the web for sale. And if you think you’re exempt because your agency is small, think again—43% of data breach victims are small businesses.
To protect your organization from a data breach resulting from a stolen or weak password, SSO is here to help.
We sat down with Jay Rosenberger, Bonfire’s Director of IT, Security, and Compliance to get a better idea of what SSO is, why public sector organizations especially should be investing in SSO, and what the benefits of integrating SSO into your Bonfire platform are.
Jay: Single sign-on (SSO) is a method to authenticate the user to a website or system against a centrally managed identity provider (IdP). For Bonfire clients, this means your users can log into Bonfire using their existing username and password without the need to create and remember a new password.
Jay: When a user logs into Bonfire, the request to authenticate is sent back to your IdP (your authentication server) instead of ours. If the username and password are correct, access will be granted. The passwords used to authenticate against your IdP are never stored in Bonfire.
Jay: Data breach attacks happen every day and the chances of passwords being stolen from these breaches are increasing. With the rapid adoption of cloud-based services, ensuring that identities and credentials are controlled and protected becomes a challenge for organizations of all sizes.
Should one of your users leave the company, as soon as you disable their access on your IdP, they will no longer be able to access Bonfire. This helps reduce the time and risk of missing items during your employee offboarding process.
Jay: Many compliance regulations require a robust identity and access management program. As organizations offload services into third-party systems in the cloud, their risk increases. The use of SSO is a great way to help meet your compliance obligations and reduce risk.
Jay: Without the need to remember yet another password, your employees will be able to log into any service that supports SSO with their existing credentials. That means they won’t need to write a complex password down where it might be seen and the frequency of password resets is reduced. The result is a far less frustrating experience for employees which ultimately leads to greater employee satisfaction.
Jay: SSO can reduce time and effort in employee offboarding and reduce the complexity of identity and access management.
Jay: At the end of the day, the biggest benefit of SSO is greater security and compliance. With fewer passwords for employees to remember, reduced recycled passwords, more visibility into login activities, and a guarantee to meet compliance obligations, you can sleep easy knowing that your employees’ weak or reused passwords aren’t risking a security breach in your organization.
Jay: There are lots, but to name a few…a simpler user experience, reduced IT costs, increased security, reduced risk, and better compliance. Why wouldn’t you want SSO integrated into your Bonfire account?
To take your Bonfire account security and compliance to the next level with SSO, connect your IT manager with your Bonfire client success manager today.
Emily Lambert | Bonfire Interactive
As the Content Marketing Strategist at Bonfire, Emily writes thought leadership for procurement teams in the public sector. Best practices content for procurement professionals doesn’t have to be a chore to get through—which is why Emily strives to strike the balance of writing educational yet engaging content that inspires sourcing experts and equips them to make the best purchasing decisions.
Keep getting the most out of your Bonfire experience.