Yesterday we had a conversation about single sign on and the potential for increased exposure because of the single security control. It’s an interesting challenge, minimizing the number of passwords people need to remember and use while maintaining layers of security. In a single sign on environment it’s possible, and perhaps even likely, that any compromise of a user account would span email, intranet, the HR system, a CRM system and/or an accounting or timekeeping system, and a development environment.
This would force a much larger incident investigation, perhaps spanning the vast majority of an organization’s IT systems.
Compare that to the single system password approach and a compromise of an email system password (very probable with remote/traveling users) wouldn’t likely impact all the above mentioned systems. That’s not to say that users aren’t likely to reuse a password across multiple systems, however, it’s much easier for an attacker to use single sign on functionality rather than attempting to login to every system with the known password.
The flip side of the coin is that a single sign on system can use a very robust authentication mechanism, which dramatically reduces the probability of compromise. In practice this would be a two-factor authentication system, such as a smart card or token device. Fastmail (fastmail.fm) has an interesting one-time use password tool, which creates a list of passwords that can each be used once. This is a great poor-man’s security control for times when you’re traveling and need to use shared computers or other untrusted devices.