Debunking SSO security myths

May 07, 2018

In the healthcare industry, particularly in emergency situations, providers must be able to swiftly attend to their patients by accessing vital applications and devices. Unfortunately, the task of logging into multiple care systems means less face time with the patient. At the same time, healthcare providers must ensure that their network and patient data are kept safe.

A single sign-on (SSO) solution creates an environment where staff members only need to remember one password. This means passwords no longer have to be written down (a major security risk), and providers are able to quickly login to devices and applications.

Despite its usefulness in streamlining sign in processes, a cloud of skepticism regarding single sign-on security remains. The sections below debunk some of the biggest myths about SSO security and why healthcare providers should consider implementing the solutions.

Myth: One password equals trouble

Care providers must often remember eight or more application usernames and passwords. Moving to one username and password combination may seem counterproductive to the effort of guarding information, but using a SSO solution to access every application also removes the need to write anything down and leave login credentials vulnerable. And with authentication options that bypass manual entry of credentials – like a badge tap or a swipe of a fingerprint – this process becomes even more secure.

Myth: It’s too expensive

Some health systems think that a big chunk of time and money will be necessary to implement a SSO solution. In reality, it doesn’t take much time, won’t break the bank, and could actually save money by improving employee efficiency. And after IT administrators and key stakeholders implement SSO in one area, they quickly see it’s simple and cost effective to roll out SSO to the rest of the organization.

Myth: There’s no real benefit

Installing SSO security measures not only saves time for healthcare employees but also carries additional benefits. For example, the solution allows providers to remain HIPAA-compliant by maintaining a detailed log of each user who accessed a system and what they did while on the network.

SSO security solutions deliver several benefits to healthcare providers. They allow clinicians to provide better care and aid IT departments in dealing with fewer password issues while adhering to regulatory demands. By having one set of secure login credentials, providers can keep their patient’s data safe and enhance their caregiving capabilities.

Myth: It’s not a solution for cyberattacks

Even though SSO doesn’t prevent data breaches in the same way that technologies like ransomware do, it’s a critical tool in combatting cyber threats. Many of the well-known ransomware attacks, like WannaCry, affected organizations because users clicked on a phishing links in emails they received. Phishing emails tend to request that the recipient reset their passwords and frequently offers a link to do so. When – not if – users fall victim to these phishing scams, they open themselves, and their network, up to attacks. SSO reduces the dependency on passwords and allows users to directly reset their passwords from login screens, which means that users no longer trust these types of emails. Fewer emails opened and fewer links clicked mean heightened enterprise security.