IT Leaders Agree: SSO Isn’t Enough

Written by

Hybrid work has become the norm and with it came a slew of new challenges for IT and security teams. Employees can now work from anywhere and frequently do.

They sometimes bring their own devices (BYOD) and access company information from networks outside of the physical office.

With 20% of employees having worked on public computers or from a friend’s or family member’s device, there’s also the added risk of employees working from devices not even known to them.

34% of employees use unapproved apps or tools

And with the never-ending options for SaaS apps, employees are also leaning into shadow IT more than ever to get work done: 34% of employees use unapproved apps or tools.

While great for workers – as all of these options arguably help them be more productive and produce better quality work on their own terms – it can create a huge risk for companies.

Unmanaged devices and apps mean IT teams don’t know:

  • When device health is out of date.
  • If services used are compromised in a data breach.
  • Which unapproved applications may host proprietary data.

And this gap in knowledge is something that security professionals are well aware of, with 79% admitting they don’t feel their security protections are adequate.

In an attempt to secure their organizations, IT teams have turned to a myriad of security solutions, including, but not limited to:

  • Antivirus software and Endpoint Detection and Response (EDR)
  • Virtual private networks (VPNs)
  • Security, information, and event management (SIEM)
  • Biometrics
  • Two-factor or multi-factor authentication (2FA/MFA)
  • Passkeys

Security professionals have also turned to single sign-on (SSO) to help secure all of their apps. But it’s becoming increasingly clear that SSO isn’t sufficient.

In fact, more than two thirds of security pros' say single sign-on (SSO) tools are not a complete solution for securing employee’s identity.

All of these tools have merit and do help protect organizations. But, even when put together, they only create a patchwork security solution that still has gaps for three unaddressed risks:

  • Unmanaged and unknown applications
  • Bring your own device (BYOD)
  • Unverified identities

IT teams are meant to manage security, but with limited ability to monitor or enforce set security policies, it can feel like a never-ending uphill battle. And using legacy security tools to address modern problems will not solve this evolving challenge.

That’s where Extended Access Management (XAM) comes in.

XAM is a new category that fills the gap left by traditional IAM solutions – such as BYOD and shadow IT – to secure every sign-in to every application from every device, including the apps and computers employees own, but still use for work.

New tools, such as 1Password Extended Access Management, make it possible for organizations to:

  • Secures all applications.
  • Provides a single universal sign-on to all applications.
  • Ensures the health of all devices.
  • Ensures only healthy devices can access applications.
  • Delivers an elegantly simple user experience.

XAM is the future of security – changing the way organizations approach identity and access management. It’s the first solution that takes a complete approach to securing identity, devices, and applications.

As businesses continue to evolve it’s important for cybersecurity to adapt and grow so that organizations can feel secure no matter where, or how their teams are getting work done. XAM is leading the way for how security teams can address the new ways we work.

Learn more about XAM and 1Password Extended Access Management.

Brought to you by

What’s hot on Infosecurity Magazine?