In any organization where single sign-on is being implemented it becomes extremely important to ensure accountability is retained. Users need to be encouraged that they be the only one to log into a workstation. If one person logs in, then all applications under the SSO umbrella will launch under the credentials of that user. In an environment where one person logs onto a workstation then allows others to launch applications without first logging in as that other person, accountability is put at risk.
A core tenant of security is that every person (user) is uniquely identified to ensure that all actions of that user can be accounted for. In many ways this is like an extension of the risk of sharing your password with others.
No comments:
Post a Comment