SAML 2.0 – Increasing App Security and Facilitating Users Management

Article
Ewa Kwolek-Mazur
Digital Marketing Manager
Rakuten Aquafadas

SAML 2.0 (Security Assertion Markup Language 2.0) is an open standard for exchanging authentication information between a service provider (e.g. a website or a mobile app) and an identity provider (a trusted provider that supports single sign-on to access other websites - social networks sometimes often as identity providers by verifying that the user is authorised and return authentication information to the site the person was trying to log in to. A familiar example would be the “Login with Facebook” feature seen on various websites.

In an enterprise context, from the end-user point of view, it’s very powerful as it can facilitate access for employees across multiple apps and platforms, drastically cutting the number of credentials required.

From an IT department’s point of view, it’s significantly advantageous, as it increases security and enables IT managers, to secure applications without the need for bespoke development.

How does it work?

Thanks to the SAML protocol, employees can log into numerous cloud apps using just one username and password. SAML norm centralises the authentication process at the identity provider’s level and normalises it so that any cloud app (service provider) using this protocol is able to easily authenticate users.

Centrally managed access controls – today’s IT headache

SAML is a response to the challenges IT teams face today when it comes to access management. To mention just a few of them:

  • Safety requirements of strong authentication rules
  • Forgotten passwords linked with piling ticket request
  • Lack of access to tools resulting in low productivity
  • Need to disable users access when they leave the company
  • Inability to control users access control resulting in vulnerability to compromise by phishing, brute force attacks, hacking of cloud databases etc.

Adecco example

Adecco is a staffing company with a high number of sales reps based in multiple offices across the world. In France, they needed to solve a challenge of sales documents management and access.

“Our teams used to spend hours updating and sharing documents via emails and intranet with our representatives across the country. At the same time our business priority was to expand our sales ability and make their work more efficient.”

In 2016, working together with Aquafadas, they created a sales enablement app: Adecco Essentiel acts as a safe and always on repository of precious sales demos, documents, presentations and more. It was built as a private app accessible with mandatory authentications details only, available online and offline.

They decided to further strengthen their app security and to bring consistency in terms of users access and authentication process. Together with Aquafadas they implemented the SAML 2.0 standard. This allowed them to manage their Adecco Essentiel app’s users independently with increased security while meeting compliance rules.

Want more like this?

Want more like this?

Insight delivered to your inbox

Keep up to date with our free email. Hand picked whitepapers and posts from our blog, as well as exclusive videos and webinar invitations keep our Users one step ahead.

By clicking 'SIGN UP', you agree to our Terms of Use and Privacy Policy

side image splash

By clicking 'SIGN UP', you agree to our Terms of Use and Privacy Policy