Doing everything right for once: secure authentication with single sign-on

Companies and public institutions often use password solutions to protect networks and data. It is not uncommon for this to result in serious security gaps and high administrative overhead because logins for company computers are forgotten, shared or compromised. This is where single sign-on (SSO) comes into play. We explain the advantages of this authentication mechanism and the aspects that companies need to consider when implementing it.

"No one is an island," the saying goes. This also applies in a networked working world with countless passwords, login windows and access rules. The problem is not so much the technology but the behavior of users. For example, because people often use particularly easy-to-remember passwords, which can be guessed just as easily, or because access data gets into the hands of colleagues.

Single sign-on: Simply better

A secure and convenient alternative is a single sign-on system that combines login software with RFID (Radio Frequency Identification) or smartphone-enabled technologies such as NFC (Near Field Communication) and BLE (Bluetooth® Low Energy) for user authentication and access control. Here's how single sign-on works: the RFID reader is connected to or integrated with the desktop or workstation and connected to the login software. Instead of entering a password to unlock the computer, the user simply has to hold an ID card, token or smartphone up to the reader. In conjunction with the login software, they immediately gain secure access to all files and systems they are authorized to use. The technology can also be used to enable access to corporate printers and other assets. Using SSO has multiple benefits. The company improves its security. The administrative burden on the IT department is reduced by centralizing authentication systems. Employee satisfaction and productivity increase.

Thinking about tomorrow now: How to find the right reader

When selecting an RFID reader for SSO applications, it is important to choose a device that meets all requirements — now and in the future. There are several aspects to consider when integrating RFID into PC login software.

Use of different technologies

A wide variety of RFID card technologies are in use around the world — each with its own data formats, communication frequencies and security features. Login software developers may therefore need to be able to support many different card technologies if they are selling into a diverse market. ELATEC's multi-frequency readers can meet these requirements. Depending on the model, they can read more than 60 card technologies. They are also certified for use in up to 110 countries. This means they can support virtually any card technology in use by users.

The switch to mobile devices

The proportion of employees in offices who have a company cell phone is growing steadily. Therefore, switching from RFID cards or tokens to smartphone-based access systems can pay off for companies — both for physical access and SSO. First, because the solutions meet with high acceptance among employees, who appreciate the convenience. Second, because app-based access control systems are easy for IT departments to manage. ELATEC's multi-frequency RFID readers can be configured for smartphone-based NFC and BLE technologies.

Changing requirements

Times change, and so do the requirements for RFID readers. Among other things, new technologies or operating systems, enhanced security or encryption features may require updates or reconfigurations. Especially in large companies managing hundreds or thousands of devices, this can become a problem. ELATEC readers have an open programming interface that makes them highly adaptable and therefore future-proof. The readers can be programmed to enable specific functions for sophisticated PC login software and support mobile access control technologies. In addition, updates are possible via remote maintenance. This future-proofs the installed solution for the customer.