Replacing legacy enterprise SSO systems with modern standards

I would like to highlight a digital transformation that I have witnessed and contributed to since a few years now. This transformation is about the adoption of standards based software to achieve Single Sign On (SSO) in enterprise environments, replacing legacy vendor systems that have been around for a decades.

About 20 years ago companies started to implement intra-enterprise SSO based on vendor proprietary mechanisms and protocols. This comes with a strong dependency on the vendor  and over the years thereafter in most cases it resulted in extremely high costs in licensing, infrastructure and professional services.

In addition, the legacy mechanisms are often based on enterprise-wide cookies which makes them vulnerable to user impersonation attacks, especially from insiders, and also makes it hard to move applications into the cloud. See also: https://hanszandbelt.wordpress.com/2015/12/14/the-importance-of-audience-in-web-sso/

On top of that, many legacy systems would come with proprietary “agent” software that has strong a dependency on (a specific version of) the policy server from the same vendor, making upgrades very painful and time consuming. Implementing an open standard reduces that dependency and makes it easier to apply upgrades or switch between vendors.

I have observed that the biggest uptake of the OpenID Connect standard recently is in enterprise SSO, replacing legacy vendor proprietary systems and I am happy be able to contribute to that in the form of open source software for a variety of web servers and reverse proxies. Please reach out to me if you think this software can be useful for your business as well.

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s