Single Sign-on: It’s Only as Good as Your Ability to
Because they are dependent on dozens of highly technical processes, modern factories can’t afford to let security burden end users who rely on technology. While this sounds simple enough, putting a plan in action isn’t easy.
The pandemic, the Internet of Things (IoT), and the proliferation of cloud technologies sparked digital transformation, practically overnight. Manufacturers were forced to adopt new technologies to keep up with remote work, while still relying heavily upon on-premises infrastructure. Increased regulations like those from the National Institute of Standards and Technology (NIST) and Cybersecurity Maturity Model Certification (CMMC) posed even greater security complexities as manufacturers ramped up production to meet global demands. All of these factors led to a disheveled infrastructure that has allowed cybercriminals to thrive.
To ensure compliance, maintain bottom lines, and solve fragmentation, manufacturers need an access management strategy that works with all aspects of their environment. An agile single sign-on solution is the best place to start.
Integrating Single Sign-on
Single sign-on (SSO) isn’t new. Many manufacturers have been utilizing the function for years to streamline operations. But with so much diverse technology, some of it dating back decades, manufacturing’s patchwork environment has created a fragmentation challenge for both end users and IT departments.
While end users have to juggle several passwords across multiple apps, websites, and workstations, IT has the additional burden of monitoring user access and managing security in this complex environment. This includes conducting password resets and manually on- and offboarding users for each app.
It’s necessary that SSO integrates with every application and endpoint — both on-premises and in the cloud. Not only would this help solve fragmentation and reduce the burden on IT, but with fewer logins to remember (or none at all), it would also increase productivity and satisfaction for end users. As more policies and regulations require additional authentication, modernizing SSO cannot be a maybe, but is a must.
Enable Compliance With Access Management
Before attacks like the one on Colonial Pipeline, many manufacturing plants had poorly secured workstations to streamline employee access to keep critical processes functioning. However, that ease of access also opened the door to cyber criminals. In response, increased regulations from the Department of Defense (DoD), like NIST and CMMC, completely transformed the security environment to protect federal infrastructure.
This may be less complicated for modern manufacturers with largely cloud environments. But for those smaller or midsize manufacturers that still rely a lot of on-premises technology, improving security can be frustrating for end users. And frankly, many organizations can’t afford to overhaul this older technology to accommodate modern solutions that favor cloud. Instead, they need SSO that accommodates them.
Among the several digital identity requirements outlined by NIST, organizations that process any data related to government agencies or the DoD (a large bucket into which many manufacturers fall) must log in every time a system or application is accessed. In essence, this means no more unsecured workstations that workers can walk up to and start working on. NIST also requires increasingly complex passwords for every login and, in many circumstances, enforces multifactor authentication (MFA).
For end users who previously only had to log in a handful of times throughout their shift, this added authentication can become a burden — especially for plant workers wearing full protective gear who previously only had to push a few buttons to enable operations. With factories under more pressure than ever before, their bottom lines cannot afford to deal with hindered productivity.
These increased regulations represent a pivotal moment for the on-premises manufacturer. In short, if your SSO doesn’t integrate with every login, it’s time for you to rethink your access management strategy with these two words: passwordless experience.
The Passwordless Experience
Without the ability to use SSO for every login, there’s more risk of credentials being forgotten — or worse, compromised. The fewer credentials an end user has to remember, the less likely that person is to forget a password or write it down. So, isn’t the best password the one you don’t know?
Think about it. If a user only logs in by tapping an NFC badge to a reader or by using biometrics, that password will remain stored away, only invoked in the background when the user authenticates. In combination with a push notification or physical token for MFA, organizations can provide employees with a completely passwordless experience that benefits both security and productivity. This also enables better holistic digital identity management, traceability, and agility across the entire organization.
While compliance should be achieved, it does not equal security. It’s time to ditch meeting the minimums and strive toward efficient methods that enable growth. The technology you have is only as good as your ability to use it, so ensure it’s useful for everyone. Because after all, without SSO for every login, you are only as strong as your weakest password.
About the Author
As the Senior Vice President of Worldwide Engineering and Cyber at Imprivata, Joel Burleson-Davis is responsible for building, delivering, and evolving the suite of Imprivata’s cybersecurity products. Before joining Imprivata, Joel was Chief Technical Officer at SecureLink, the leader in critical access management. There he developed advanced solutions for enterprises to secure access to their most valuable assets, systems, and data. While at SecureLink, Joel was responsible for the overall technology and operational strategy and execution including direction and oversight for Product Development, Quality Assurance, IT and Cybersecurity Operations, Compliance, and Customer Success.