Best tools for single sign-on (SSO)

SSO can reduce the risk of weak passwords and administrative overhead associated with managing account access. These are the top single sign-on solutions to consider.

1 2 Page 2
Page 2 of 2

OneLogin also offers an adaptive authentication product that builds on its own Protect mobile software authentication tool and supports a variety of other authenticator apps such as Google Authenticator and Duo. A unified access tool bridges on-premises and cloud apps and a real-time user provisioning tool for both faster on- and off-boarding.

PerfectCloud SmartSignIn

This continues to be a very basic SSO solution. There is a free single-user version for managing up to four apps. PerfectCloud was one of the first to add a second factor passphrase to its logins, but it has fallen behind in not supporting any of the mobile authenticator apps. This passphrase is encrypted on the device and they don’t store it, so that is a distinguishing feature. The product starts at $6 per user per month for the SMB version. That doesn’t include additional features such as AD integration, access and group management and policy rules.  

Ping Identity PingOne

Ping is another long-time SSO player and one of the first to offer federated identity provisioning with its Ping Federate product. You’ll need this to implement other MFA apps besides its own smartphone app.

Ping prices its basic SSO app differently depending on whether it is sold directly or through one of its many channel partners. The basic pricing includes both MFA and SSO for $3 per user per month, which is very competitive considering what features are included. There is a free 30-day trial, too.

Its catalog has 1,650 apps that come pre-configured. PingOne supports a wide variety of MFA apps (from itself and its competitors such as RSA, Symantec, Duo and Gemalto) and methods, including Apple’s FaceID, fingerprint and voice authentication, along with various FIDO authentication methods and other hardware tokens. Ping also works with a number of mobile management tools, including MobileIron, Airwatch and InTune and a number of other identity providers, including AD, Azure AD, Google and Open ID Connect and SAML.

RSA SecurID Access Suite

RSA has been a market leader in authentication since it first minted its SecurID key fob token, and it now offers a variety of tools in the full identity governance market thanks to a combination of acquisitions and integrations over the years. It has a solid SSO offering, but obviously wants you to implement its full-blown identity governance solution. (Note: I do consult for RSA.)

strom sso rsa RSA

RSA’s access details, where you set up risk profiles that determine how often to authenticate to particular behaviors.

RSA also has two different mobile MFA apps: RSA SecurID Access Authenticate, which supports push to approve, biometric face and voice authentications. This app will also provide MFA logins for a variety of SaaS apps.  It also has RSA SecurID Mobile OTP, which is its software token solution. RSA SecurID Access supports a wide variety of identity providers. In addition to SAML, Open ID Connect, RADIUS AD and Azure AD, it also integrates with Ping, Okta, OneLogin and others too.

The SecureID Access product is sold both through resellers and directly; pricing varies. RSA quoted me $1,830 a month for a 500-user package that includes user licenses, MFA authentication, biometric and FIDO support. The product has three different overall pricing tiers: basic is the SSO-only version, enterprise adds bulk provisioning and self-enrollment, and premium adds advanced risk analytics. Each plan starts at $1 per user per month and the premium plan can cost up to $5 per user per month.

CSO  >  Single sign-on  >  SSO Vendors Summary CSO / IDG

Copyright © 2019 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
Get the best of CSO ... delivered. Sign up for our FREE email newsletters!